Search Appliance

 

Thunderstone Search Appliance Manual

DBWalker Authentication Overview

There are two ways to do authentication with the remote database. Authentication information can be stored in the config file, or it can be provided dynamically.

If a username and password are provided in the configuration, then that user/pass will be used for every request for that config. This has the advantage that users never have to input a username/password, but also has the security disadvantage that anyone who opens the website can see the data. Depending on the contents of the database, this may or may not be significant.

The other option is to not include a username or password in the configuration. When DBWalker is invoked by in this situation, it will prompt for a username/password (via Basic authentication). If the remote database accepts the credentials, the page is displayed. For the Search Appliance to walk these pages, it will have to know a valid username/password for the pages. This is supplied in the Login Info of All Walk Settings ((here).

This integrates well with Results Authorization. if the Search Appliance's search is set to use Authorized Search Results with "Prompt via Form", the credentials will automatically be verified with DBWalker.

To summarize a few key points:


Copyright © Thunderstone Software     Last updated: Mar 21 2023