A set of Custom Security Trimmers (CST) for use with search in Microsoft Office SharePoint Server 2007, and Microsoft Search Server 2008. All of the CSTs have been combined into a single assembly. All of the CSTs log to the ULS log. Many of the CSTs derive from a base class to reduce the amount of repetitive code.
The following is a list of CSTs included:
HttpSecurityTrimmer – Security trims HTTP results from web sites protected with Windows Integrated security. This can be used on an intranet when search is configured to use Windows Integrated security. Kerberos delegation is required.
SiteCollectionSecurityTrimmer – Restricts search results to results from the site collection where the query was submitted. Useful in extranet scenarios where you want to trim results from other site collections where all authenticated users were granted access.
WebServiceTrimmer – A web service is used in conjunction with the security trimmer to provide the logic to determine if a url should be removed from search results. The sample web service consists of a single web method call. A batch of urls is sent to the web service to minimize the impact of the overhead associated with reach round trip.
AlwaysTrimSecurityTrimmer – This CST will either always remove all search results or it will not remove any results depending on how it was configured. This is useful for testing the overhead associated with a custom security trimmer. This is useful for testing purposes and learning how CSTs work.
FileSystemSecurityTrimmer – Provides query time security trimming of NTFS file shares. The Search engine security trims search results based on ACLs collected during the last crawl. This CST validate that the user still has access to these documents. This is useful in situations where there’s frequent updates to ACLs on files and you want to ensure that a user who had access to see a file at the time of the last crawl but, who’s access has changed.
FormsAuthenticationTrimmer – Based on the MSDN FBA sample. Consists of a web part that prompts the user for their username and password required to login to the web site protected by forms-based authentication. This web part allows you to configure the url for the web site and includes some performance improvements.