Step 1: Create the Custom Security Trimmer

This walkthrough describes how to create, deploy, and register a custom security trimmer for Enterprise Search in Microsoft Office SharePoint Server 2007 by using Microsoft Visual Studio 2005.

Step 1 describes how to create the custom security trimmer, and includes the following tasks:

  • Setting up the custom security trimmer project

  • Coding the custom security trimmer

  • Compiling the custom security trimmer project with a strong name

Setting Up the Custom Security Trimmer Project

To create the project for the custom security trimmer

  1. In Visual Studio, on the File menu, point to New, and then click Project.

  2. In Project types, under C#, select Windows.

  3. Under Templates, select Class Library. In the Name field, type CustomSecurityTrimmerSample, and then click OK.

Next you must add the required references to your Web Part project.

To add references to the CustomSecurityTrimmerSample project

  1. On the Project menu, click Add Reference.

  2. On the .NET tab, select the following reference, and then click OK:

    • Microsoft.Office.Server.Search

Note

If the SharePoint site is configured to use Forms authentication, to access the user name you must use the HttpContext class, so you must also add a reference here to System.Web.

Before you add code for the security trimmer, replace the default class file with a new class file.

To create the class file for the security trimmer

  1. In Solution Explorer, right-click Class1.cs, and then click Delete to remove the default class created with the project.

  2. On the Project menu, click Add New Item.

  3. In the Add New Item dialog box, click Class, type CustomSecurityTrimmer.cs, and then click Add.

Writing the Custom Security Trimmer Code

To modify the default code in CustomSecurityTrimmer

  1. Add the following using statements near the top of the code with the other namespace directives.

    using System.Collections;
    using System.Collections.Specialized;
    using System.Security.Principal;
    using Microsoft.Office.Server.Search.Query;
    using Microsoft.Office.Server.Search.Administration;
    
  2. Specify that the CustomSecurityTrimmer class implements the ISecurityTrimmer interface in the class declaration, as follows.

    public class CustomSecurityTrimmer : ISecurityTrimmer
    

You are now ready to write the code to implement the ISecurityTrimmer interface methods.

To implement the ISecurityTrimmer interface methods

  1. Add the following code for the Initialize method declaration.

    public void Initialize(NameValueCollection trimmerProps, SearchContext searchCxt)
    {
    
    }
    

    The basic version of this sample does not include any code in the Initialize method. The Initialize method in the Step 3 (Optional): Specify a Configurable Limit on the Number of Crawl URLs Checked contains an example implementation.

    For more information about implementing the Initialize method, see Custom Security Trimming for Enterprise Search Results Overview.

  2. Add the following code for the CheckAccess method declaration.

    public BitArray CheckAccess(IList<String> crawlURLs,IDictionary<String,Object> sessionProperties)
    {
    //CheckAccess method implementation, see steps 3-5.
    }
    
  3. For the first part of the CheckAccess method implementation, declare and initialize a BitArray variable to store the results of the access check for each URL in the crawlURLs collection, and retrieve the user name for the user who submitted the query, as follows.

    BitArray retArray = new BitArray(crawlURLs.Count);
    //For Windows authentication, uncomment the next line:
    //string strUser = WindowsIdentity.GetCurrent().Name;
    //For Forms authentication, uncomment the next line:
    //string strUser = HttpContext.Current.User.Identity.Name;
    
  4. Loop through each crawl URL in the collection, and perform the access check to determine if the user who submitted the query can access the crawl URL's associated content item.

    If the user has access to the content item, set the value of the BitArray item at that index, retArray[x], to true; otherwise, set it to false, as follows.

    for (int x = 0; x < crawlURLs.Count; x++)
    {
    /*
    To fully implement the security trimmer, add code to perform the security check and determine if strUser can access crawlURLs[x]. 
    If strUser can access crawlURL[x], then:
    */
    
    retArray[x] = true;
    //If not:
    retArray[x] = false;
    }
    
  5. Set the return value of the CheckAccess method to retArray, as follows.

    return retArray;
    

Compiling the Custom Security Trimmer Project with a Strong Name

To compile the custom security trimmer project with a strong name

  1. In Visual Studio 2005, on the Project menu, click CustomSecurityTrimmerSample Properties.

  2. In Signing, select Sign the assembly.

  3. In Choose a strong name key file, select New. In Key file name, type a name for your key file, and then click OK.

    Note

    If you have an existing key file to use, select Browse instead of New for this step and locate the existing file.

  4. On the Build menu, click Build Solution.

Next Steps

In Step 2: Deploy and Register the Custom Security Trimmer, you will deploy and register the custom security trimmer.

Step 3 (Optional): Specify a Configurable Limit on the Number of Crawl URLs Checked contains a modified version of the custom security trimmer class that shows you how to implement a configurable limit on the number of items checked by the custom security trimmer.

Example

Following is the complete sample code for the CustomSecurityTrimmerSample class, described in this step.

using System;
using System.Collections.Generic;
using System.Text;
using Microsoft.Office.Server.Search.Query;
using Microsoft.Office.Server.Search.Administration;
//For Windows Authentication
using System.Security.Principal;
//For Forms Authenticaion
using System.Web;
using System.Collections.Specialized;
using System.Collections;

namespace CustomSecurityTrimmerSample
{
    class CustomSecurityTrimmer : ISecurityTrimmer
    {
        public void Initialize(NameValueCollection trimmerProps, SearchContext searchCxt)
        {
        }

        public BitArray CheckAccess(IList<String> crawlURLs, IDictionary<String, Object> sessionProperties)
        {
            BitArray retArray = new BitArray(crawlURLs.Count);
            
        //For Windows authentication, uncomment the next line:
            //string strUser = WindowsIdentity.GetCurrent().Name;
        //For Forms authentication, uncomment the next line:
           //string strUser = HttpContext.Current.User.Identity.Name;

            for (int x = 0; x < crawlURLs.Count; x++)
            {
              /*
                To fully implement the security trimmer,
                add code to perform the security check 
                and determine if strUser can access crawlURLs[x].
                If strUser can access crawlURL[x], then:
               */
                retArray[x] = true;
              //If not:
                retArray[x] = false;
            }
            return retArray;
        }
    }
}

See Also

Reference

Microsoft.Office.Server.Search.Query.ISecurityTrimmer

Concepts

Custom Security Trimming for Enterprise Search Results Overview
Walkthrough: Using a Custom Security Trimmer for Search Results
Step 2: Deploy and Register the Custom Security Trimmer
Step 3 (Optional): Specify a Configurable Limit on the Number of Crawl URLs Checked