Thanks Gary - something for me to think about. I was thinking along the lines of checking each of the search results but was worried about the performance.
The site has many sections with useres that can be members of one or more sections. So I guess if I had a verity collection for each section, then only query sections the user has access to. Then, say the user has access to 4 sections, I would have 4 sets of search results. The easiest way of displaying them would be group by section, sorted by weighting. But if they wanted all the search results together, sorted by weighting, I would have to do a query of queries sort of thing and then sort the whole lot. This too would be a performance hit. I think you should not be able to see search resaults for things you dont have access too because a) it is just a pain to go to all the trouble of clicking a link only to find you dont have access to it it would have to be up there with 404s b) The teaser / title might be something you are not ment to know eg FarCryInstallMeansWeDontNeedSoManyITStaff.doc -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Gary Menzel Sent: Thursday, 18 March 2004 11:36 AM To: FarCry Developers Subject: [farcry-dev] Re: verity search results and anonymous access > If anonymous view access has been denied to a section, is it possible to exclude pages from that section from the results of a search? > > And from there, is it possible to not show navigation nodes for sections the anonymous (or any users) does not have access to? This is another of these situations where custom navigation mechanisms demonstrate why it is not really sensible to provide default navigation. Although I am not using it in production at present, I had to code up my own navigation for this (i.e. hiding items based on permissions). In regard to NOT finding HTML pages that have authentication on them for anonymous users - this could be a costly exercise if you want to apply the filter at runtime when the list is being displayed. What we do, is let them find the document (we dont index HTML - just our PDFs) and then normal authentication forces them to log in when they get the object. This is true for all our PDFs though - so we didnt have to code anything specific. I am guessing it would work the same for HTML objects. They would all show up - but then you would be forced to authenticate if you selected the link. What you could do for both "protected" and "open" pages is provide a CUSTOM field in your Verity indexing that provided that indicator (so you didnt have to do the coding at display time). See, Verity would have to still index the whole slab of HTML in one collection. Another way to do it would be to have TWO indexing routines and maintain TWO Verity collections (one for the public stuff and one for the authenticated stuff). When the user is authenticated - search both collections. When they aren't - search only the public/open one. If you have more than two the same principle applies. I have used that mechanism in previous CF sites and it works seamlessly. I am not sure how easy it would be to do it using FarCry Verity maintenance though (we maintain our own verity collections independent of FarCry). Gary Menzel Web Development Manager IT Operations Brisbane -+- ABN AMRO Morgans Limited Level 29, 123 Eagle Street BRISBANE QLD 4000 PH: 07 333 44 828 FX: 07 3834 0828 If this communication is not intended for you and you are not an authorised recipient of this email you are prohibited by law from dealing with or relying on the email or any file attachments. This prohibition includes reading, printing, copying, re-transmitting, disseminating, storing or in any other way dealing or acting in reliance on the information. If you have received this email in error, we request you contact ABN AMRO Morgans Limited immediately by returning the email to [EMAIL PROTECTED] and destroy the original. We will refund any reasonable costs associated with notifying ABN AMRO Morgans. This email is confidential and may contain privileged client information. ABN AMRO Morgans has taken reasonable steps to ensure the accuracy and integrity of all its communications, including electronic communications, but accepts no liability for materials transmitted. Materials may also be transmitted without the knowledge of ABN AMRO Morgans. ABN AMRO Morgans Limited its directors and employees do not accept liability for the results of any actions taken or not on the basis of the information in this report. ABN AMRO Morgans Limited and its associates hold or may hold securities in the companies/trusts mentioned herein. Any recommendation is made on the basis of our research of the investment and may not suit the specific requirements of clients. Assessments of suitability to an individual?s portfolio can only be made after an examination of the particular client?s investments, financial circumstances and requirements. ABN AMRO Morgans Limited (ABN 49 010 669 726 AFSL 235410) A Participant of ASX Group --- You are currently subscribed to farcry-dev as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004 --- You are currently subscribed to farcry-dev as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004
