Local Windows Security Source

This section describes the configuration of a local Windows security source on Windows platforms.

This page discusses:

See Also
Remote HTTP Security Source
Local UNIX Security Source
LDAP Security Source
Federate Several Security Sources

Technical Overview

The local Windows security source actually corresponds to the instance of a local security source in an Exalead CloudView installation on a Windows system (2000 / XP / 2003 / Vista / 2008).

The Windows local security source implementation relies on the Windows SSPI authentication tools used for managing user authentication on a Windows system. This means that every user with login rights to the system where Exalead CloudView is installed can be identified by this security source.

User Login

Users are identified by their Windows account name.

User Groups

The Windows group the user belongs to are returned.

Security Tokens

Security tokens are generated for each user. These security tokens may match the document's ACLs from a filesystem, Microsoft Exchange, or Microsoft Office Sharepoint Server connector.

There are security tokens generated for the user and group. The following are examples of security tokens generated from users and groups.

  • If the user smith has an SID S-1-5-19819-101018018-189989898, the following security tokens are generated: windows:S-1-5-19819-101018018-189989898.

  • If the group Exalead has an SID S-1-5-19819-101018018-189989898, the generated security tokens for this group are windows:S-1-5-19819-101018018-189989898.

Configuring the Security Source

The following parameters control the local windows connection used for implementing this security source.

  • Domain: Domain used to identify the user.

  • login as a token: To push the login as a security token.

    <SecuritySource name=”Windows”
 classId="exa:com.exalead.security.sources.local.windows.WindowsLocalSecuritySource"
   connectorServer=”java0”> 
  <config>
      <KeyValue key="domain" value=”exalead”/>
   </config>
</SecuritySource>