Associating security trimmers with documents in an enterprise search system
First Claim
1. A computer-implemented method for associating security trimmers with documents, the computer-implemented method comprising performing computer-implemented operations for:
- maintaining a search index at a Web server computer, the search index comprising one or more document identifiers, wherein each document identifier comprises a URL referencing a document and having an associated crawl rule identifier;
maintaining a security trimmer configuration store comprising one or more security trimmer implementations comprising one or more security trimmer identifiers, each security trimmer identifier referencing a security trimmer and having associated configuration information for configuring the security trimmer, each security trimmer configured to invoke an application programming interface (API) exposed by a back-end computing system for determining whether a user has access rights to a document;
maintaining a crawl rule definition store comprising one or more crawl rules, each crawl rule comprising a regular expression on a document identifier and being associated with one or more security trimmer identifiers, and each crawl rule being further associated with a priority value;
selecting the crawl rule for use with the document identifier based upon the priority value;
receiving a query request from the user at the Web server computer, the query request including one or more search terms;
in response to receiving the query request at the Web server computer, querying the search index to identify an identified document that matches the search terms;
identifying the security trimmer implementations for the identified document using the associated crawl rule identifier and crawl rule definition store;
executing the security trimmer corresponding to the identified security trimmer implementations to retrieve access rights for the identified document, the access rights being retrieved from the API exposed by the back-end computing system;
associating each crawl rule with a trimmer resolver, the trimmer resolver being configured to receive the access rights from each of the security trimmers and to determine, based upon the received access rights, whether the user is permitted to view the identified document;
executing the trimmer resolver to determine whether the user is permitted to view the identified document; and
if the user is permitted to view the identified document, causing the identified document to be displayed to the user.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and computer-readable media are provided for associating security trimmers with documents in an enterprise search system. According to one method, a search index is maintained that includes one or more document identifiers corresponding to documents stored at back-end computing systems. Each document identifier in the search index is associated with one or more security trimmer implementations. When a query request is received from a user, the search index is queried to identify documents referenced by the search index that match search terms provided with the query request. For each document that matches the search terms, the associated security trimmer implementations are identified and executed to retrieve the access rights to view the document for the current user from the back-end computing system where the document is stored.
28 Citations
8 Claims
-
1. A computer-implemented method for associating security trimmers with documents, the computer-implemented method comprising performing computer-implemented operations for:
-
maintaining a search index at a Web server computer, the search index comprising one or more document identifiers, wherein each document identifier comprises a URL referencing a document and having an associated crawl rule identifier; maintaining a security trimmer configuration store comprising one or more security trimmer implementations comprising one or more security trimmer identifiers, each security trimmer identifier referencing a security trimmer and having associated configuration information for configuring the security trimmer, each security trimmer configured to invoke an application programming interface (API) exposed by a back-end computing system for determining whether a user has access rights to a document; maintaining a crawl rule definition store comprising one or more crawl rules, each crawl rule comprising a regular expression on a document identifier and being associated with one or more security trimmer identifiers, and each crawl rule being further associated with a priority value; selecting the crawl rule for use with the document identifier based upon the priority value; receiving a query request from the user at the Web server computer, the query request including one or more search terms; in response to receiving the query request at the Web server computer, querying the search index to identify an identified document that matches the search terms; identifying the security trimmer implementations for the identified document using the associated crawl rule identifier and crawl rule definition store; executing the security trimmer corresponding to the identified security trimmer implementations to retrieve access rights for the identified document, the access rights being retrieved from the API exposed by the back-end computing system; associating each crawl rule with a trimmer resolver, the trimmer resolver being configured to receive the access rights from each of the security trimmers and to determine, based upon the received access rights, whether the user is permitted to view the identified document; executing the trimmer resolver to determine whether the user is permitted to view the identified document; and if the user is permitted to view the identified document, causing the identified document to be displayed to the user. - View Dependent Claims (2, 3, 4)
-
-
5. A computer-readable storage medium having computer-executable instructions stored thereon that, when executed by a computer, cause the computer to:
-
maintain a search index at a Web server computer, the search index comprising one or more document identifiers, wherein each document identifier comprises a URL referencing a document and having an associated crawl rule identifier; maintain a security trimmer configuration store comprising one or more security trimmer implementations comprising one or more security trimmer identifiers, each security trimmer identifier referencing a security trimmer and having associated configuration information for configuring the security trimmer, each security trimmer configured to invoke an application programming interface (API) exposed by a back-end computing system for determining whether a user has access rights to a document; maintain a crawl rule definition store comprising one or more crawl rules, each crawl rule comprising a regular expression on a document identifier and being associated with one or more security trimmer identifiers, and each crawl rule being further associated with a priority value; select the crawl rule for use with the document identifier based upon the priority value; receive a query request from the user at the Web server computer, the query request including one or more search terms; in response to receive the query request at the Web server computer, query the search index to identify an identified document that matches the search terms; identify the security trimmer implementations for the identified document using the associated crawl rule identifier and crawl rule definition store; execute the security trimmer corresponding to the identified security trimmer implementations to retrieve access rights for the identified document, the access rights being retrieved from the API exposed by the back-end computing system; associate each crawl rule with a trimmer resolver, the trimmer resolver being configured to receive the access rights from each of the security trimmers and to determine, based upon the received access rights, whether the user is permitted to view the identified document; execute the trimmer resolver to determine whether the user is permitted to view the identified document; and if the user is permitted to view the identified document, cause the identified document to be displayed to the user. - View Dependent Claims (6, 7, 8)
-
Specification