Gravatar for nvsrinivasmca@gmail.com

Question by pnvsrinivas, Sep 2, 2015 6:19 AM

How to implement Custom Security Provider ?

Hi,

Can any one help me to fix the following issue.

We have written the GetMappings and GetMembers methods as follows,

public override void GetMappings(Member p_User, SIDV p_SIDs, SIDDeclaratorV p_SIDDeclarators)
{
    _log.WriteLine(MsgType.File, "GetMappings: " + p_User.Name);
    Member mUser = new Member(p_User.Name, MemberType.User);
    p_SIDDeclarators.Add(CreateSIDDeclarator(mUser, SecurityType.ActiveDirectory));
}

public override void GetMembers(Member p_Member, SIDV p_SIDs, SIDDeclaratorV p_SIDDeclarators)
{
    log("GetMembers: "+ p_Member.Name);
    if (p_Member.IsGroup)
    {
        string[] users = new string[] { "mspeer", "ajohn"};// GetUsers(p_Member.Name).ToArray();
        log("Called RefreshUsers: "+string.Join(";",users));
        if (userList != null)
        {
            foreach (string user in userList)
            {
                p_SIDs.Add(CreateSID(new Member(user, MemberType.User)));
            }
        }
        else
        {
            log("GetMembers is null");
        }
    }
    else
    {
        log("GetMembers: User found, : "+p_Member.Name);
    }
    log("GetMembers done.");
}

But those two users are not getting the results, but same code for other custom security providers is working.

Can any one help me to fix this issue?

Thanks,
Srinivas PNV.

1 Reply
Gravatar for ldblanchet@coveo.com

Answer by ldblanchet, Sep 2, 2015 9:58 AM

As I see it, any groups you have in your system would be expanded to "mspeer" and "ajohn". Then, these users would be sent to the GetMappings method where you would map them to their AD user equivalent.

You have some logging going on there, could you show us what logs are produced when you expand the security cache?

At first glance, the code seems good, so the reasons these users cannot find documents I can think of are the following :

  • You have no groups on your documents, so GetMembers is never called.
  • The AD mapping for these users fail
  • when these users try to search for documents, they are not performing the search as "mspeer" or "ajohn"
  • You use the SecurityType.ActiveDirectory in your CreateSIDDeclarator call, make sure your security provider requirements are properly configured
Ask a question