Admin Console Help

Search > Secure Search > Access Control

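Use the Search > Secure Search > Access Control page to perform the following tasks: enable the search appliance to record user identities for queries, enable authentication for user results, change the SAML Issuer Entity ID, and set the session idle time.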

Enabling the Search Appliance to Record User Identities for Queries

The search appliance can record the user identity for a secure query when the user is authenticated with a verified identity. Enabling this option will set the search appliance to record the user identity (if available) for each query and display user identities in search logs and in serving logs. After you enable this option, the search appliance begins recording user identities for subsequent queries.

You can define, generate, or view a search log by using the Reports > Search Logs page in the Admin Console. You can view serving logs by using the Reports > Serving Logs page.

To enable recording user identities in search logs and serving logs:

  1. Click the check box for Record user identity in Search Logs and Serving Logs.
  2. Click Save.

To disable recording user identities in search logs and serving logs:

  1. Clear the check box for Record user identity in Search Logs and Serving Logs.
  2. Click Save.

Enabling Authentication for User Results

User results give users the capability to add search results for certain keywords in a specific front end. User results cause designated documents always to appear on the results pages for specified keyword searches performed in the front end. To configure user results, use the Search > Search Features > User Results page.

Enabling authentication for user results requires a user to be properly authenticated with a verified identity before adding, editing, or removing user results. If authentication for user results is enabled, and the user is not logged in with a proper verified identity, the user cannot add, edit, or delete user results. If authentication for user results is not enabled, users are not required to be properly authenticated before adding, editing, or removing them.

To enable authentication for user results:

  1. Click the check box for Require authentication for User Results.
  2. Click Save.

To disable authentication for user results:

  1. Clear the check box for Require authentication for User Results.
  2. Click Save.

Changing the SAML Issuer Entity ID

By default, the SAML Issuer Entity ID that is used by a search appliance in SAML requests is:

http://google.com/enterprise/gsa/${APPLIANCE_ID}

In a configuration with one search appliance, or with more than one separate search appliance, each appliance should have its own SAML Issuer Entity ID to ensure that the issuer is unambiguous.

In a multibox configuration, such as GSAn, GSA Unification, or load balancing, the search appliances should share the SAML Issuer Entity ID of the master node. Enabling a multibox configuration causes the SAML Issuer Entity ID to propagate to the other nodes in the configuration.

You can change the ${APPLIANCE_ID} in the SAML Issuer Entity ID to be anything you want, for example:

http://google.com/enterprise/gsa/corp_gsa_1

To change the SAML issuer entity ID for your search appliance:

  1. Enter the new ID in the SAML Issuer Entity ID box.
  2. Click Save.
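
The two rules above (separate appliances each get their own ID, multibox nodes share the master's ID) can be checked across a fleet before the identity provider is configured. The following Python audit is an added example, not part of the original help page or the appliance software; the inventory format, appliance names, and group name are constructed assumptions.

```python
from collections import defaultdict

# Constructed inventory (not real appliances). "group" is None for a separate
# appliance, or the name of the multibox configuration the node belongs to.
BASE = "http://google.com/enterprise/gsa/"
INVENTORY = [
    {"name": "gsa-hr",  "entity_id": BASE + "corp_gsa_1", "group": None,     "master": False},
    {"name": "gsa-eng", "entity_id": BASE + "corp_gsa_1", "group": None,     "master": False},
    {"name": "uni-a",   "entity_id": BASE + "corp_uni",   "group": "unify1", "master": True},
    {"name": "uni-b",   "entity_id": BASE + "corp_uni",   "group": "unify1", "master": False},
    {"name": "uni-c",   "entity_id": BASE + "corp_gsa_9", "group": "unify1", "master": False},
]

def audit_entity_ids(appliances):
    """Return a sorted list of (rule, subject) findings.

    node-differs-from-master: a multibox node does not use its master's ID
        (every node is flagged if the group has no master in the inventory).
    id-not-unique: one ID is used by more than one independent unit, where a
        unit is a separate appliance or a whole multibox group.
    """
    masters = {a["group"]: a["entity_id"]
               for a in appliances if a["group"] and a["master"]}
    findings = set()
    units_by_id = defaultdict(set)
    for a in appliances:
        if a["group"]:
            unit = "group:" + a["group"]
            if a["entity_id"] != masters.get(a["group"]):
                findings.add(("node-differs-from-master", a["name"]))
        else:
            unit = "appliance:" + a["name"]
        units_by_id[a["entity_id"]].add(unit)
    for entity_id, units in units_by_id.items():
        if len(units) > 1:  # issuer would be ambiguous at the identity provider
            findings.add(("id-not-unique", entity_id))
    return sorted(findings)

if __name__ == "__main__":
    for rule, subject in audit_entity_ids(INVENTORY):
        print(rule, subject)
```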

Setting Session Idle Time

Session Idle Time specifies how long, in seconds, a user's search session can be inactive before timing out. When the session idle time expires, the search appliance ends the session. To resume searching, the user needs to provide credentials again in the Universal Login Form. The default value is 1800 seconds (30 minutes).

Note that a user might also be prompted to provide credentials again if the Trust Duration for the authentication method times out. The user is prompted to provide credentials as soon as the shorter of the two settings (Session Idle Time or Trust Duration) times out. For this reason, Google recommends coordinating the two settings.

To set Trust Duration, use the Search > Secure Search > Universal Login Auth Mechanisms page.

To set Session Idle Time:

  1. In the Session Idle Time box, enter the number of seconds a search session can be inactive before timing out.
  2. Click Save.

For More Information

For more information about access control, see Administration > LDAP Setup and Content Sources > Web Crawl > Secure Crawl > Crawler Access.


 
© Google Inc.