Product DocsMenu

Coveo Platform 7.0 >
Administrator Help > Connectors > Sitecore Connector > Configuring a Security Provider

Configuring a Sitecore Security Provider

When a Sitecore instance includes secured content, the Sitecore connector needs a security provider to be able to resolve the permissions for each Sitecore item, and therefore fully support the Sitecore security model. This means that, in a Coveo search interface, a user searching for Sitecore content only sees the content to which he has access in Sitecore.

When the Sitecore instance you want to index only offers public content, you do not need a security provider.

Note: You can get familiar with how Coveo components deal with permissions on documents both at indexing and query time (see Security) .

To configure a Sitecore security provider

  1. On the Coveo server, access the Administration Tool (see Opening the Administration Tool).

  2. Select Configuration > Security.

  3. In the Security page, in the navigation panel on the left, click Security Providers.

  4. In the Security Providers page, click Add to create a new security provider.

  5. In the Modify Security Provider page:

    1. In the Name box, enter a name to identify this security provider.

      Note: You can configure the security provider to work with the new (Sitecore2) or legacy (Sitecore) connectors. It may be a good idea to indicate which connector is used in the name to prevent confusion.

      Example: Sitecore2 Security Provider

    2. In the Security Provider Type drop-down list, select Sitecore2.

    3. In the User Identity section:

      1. In the drop-down list, select the user identity that you selected or created previously.

      2. When needed, click Add, Edit, or Manage user identities respectively to create, modify, or manage user identities.

    4. In the Active Directory Security Provider drop-down list:

      1. Select the appropriate security provider that this security provider uses to resolve and expand the groups.

        Note: CES comes with an Active Directory security provider that you can configure to connect to the default domain. When your environment contains more than one domain, you can select an Active Directory security provider that you created for other domains (see Configuring an Active Directory Security Provider).

      2. When an appropriate security provider is missing, click Add, Edit, or Manage security providers respectively to create, modify, or manage security providers.

    5. In the Active Directory Domains box, enter the name of the domains you want to use when resolving users. This parameter is optional and is used to map Sitecore users to Active Directory users. When you specify domain names, the Sitecore domain name is replaced by this domain name to attempt to map users.

      Example: When you specify the AD domain name prod, the user sitecore\user is mapped to prod\user.

    6. In the Sitecore Server Url box, enter the address to your Sitecore server.

      Note: Entering the wrong URL in the Sitecore Server Url box, like the one of your Coveo server rather than the one of your Sitecore server, can cause repetitive unanswered calls to this URL and make this server unresponsive.

    7. In the Parameters section, click Add Parameters to specify other security provider parameter names and values that could help to troubleshoot security provider issues (see Modifying Hidden Sitecore Source Parameters).

      Note: The security provider and the source must have matching parameters. When you specify non default values on normal or hidden source parameters, you must include the parameter with the same value for the security provider.

      Example: If you enter MyDatabase for the Database source parameter, in the security provider Parameters section, you must add the same parameter and value.

    8. Leave the Allow Complex Identities option cleared as it does not apply to this type of security provider.

    9. Click Apply Changes.

      Note: If your Sitecore server is not warmed up and IIS needs to load the site to respond to the security provider, the initialization request may time-out and throw an error in the CES Console. In such a case, ensure that the Sitecore server is immediately responding, and press Apply Changes again in this page to reset the initialization process.

What's Next?

Consider creating and using a mapping file (see Creating and Using a Sitecore Mapping File).

People who viewed this topic also viewed