Using Separate Security Identity Providers per Sitecore Index

The first time you rebuild your indexes in Sitecore, Coveo for Sitecore creates a single security provider in the Coveo Platform for all indexes. This security provider is named after a combination of your host and instance names.

You have a Sitecore instance named SitecoreInstance running on host WKS-000236. When you rebuild your indexes, Coveo for Sitecore creates a security provider named Sitecore Security Provider for WKS-000236-SitecoreInstance in the Coveo Platform.

Typically, you may want to use a separate security provider for each index for security purposes. If you want to make sure that a search page published in the web index can’t query for items in the master index, you should specify a different security provider for the master and the web indexes.

Procedure

The current procedure shows you how to modify the name of the security provider corresponding to the Sitecore master index.

  1. Open the Coveo.SearchProvider.Custom.config file using a text editor.
  2. Create the element for the master index configuration. It should look like this:

     <configuration xmlns:patch="http://www.sitecore.net/xmlconfig/">
       <sitecore>
         <contentSearch>
           <configuration>
             <indexes>
               <index id="Coveo_master_index">
               </index>
             </indexes>
           </configuration>
         </contentSearch>
       </sitecore>
     </configuration>
    
  3. Add an element named configuration that references the defaultIndexConfiguration.

  4. Add an element named securityProviderName that encloses the desired security provider name in Coveo. For example, you could name it SecurityProviderForMasterIndex.

  5. Add an element named searchServiceProvider. Your index configuration should now look like this:

     <configuration xmlns:patch="http://www.sitecore.net/xmlconfig/">
       <sitecore>
         <contentSearch>
           <configuration>
             <indexes>
               <index id="Coveo_master_index">
                 <configuration ref="coveo/defaultIndexConfiguration">
                   <securityProviderName>SecurityProviderForMasterIndex</securityProviderName>
                 </configuration>
                 <searchServiceProvider type="Coveo.SearchServiceProvider.Rest.ClientSessionWrapperFactory, Coveo.SearchServiceProvider.Rest">
                   <httpHandler type="Coveo.SearchProvider.Rest.SitecoreRestHttpHandler, Coveo.SearchProvider.Rest">
                     <configuration ref="coveo/restEndpointConfiguration" />
                   </httpHandler>
                 </searchServiceProvider>
               </index>
             </indexes>
           </configuration>
         </contentSearch>
       </sitecore>
     </configuration>
    

    The securityProviderName element is case-sensitive. Make sure that the value you enter matches exactly the casing of the corresponding security provider in the Coveo Platform. Typically, a security provider name should look like this: Sitecore Security Provider for WKS-000236-SitecoreInstance.

  6. Do the same for the web index. You could name it SecurityProviderForWebIndex.

  7. Save the file and re-index your items (Sitecore Desktop > Control Panel >Indexing > Indexing Manager).

    You can validate that the new security providers have been created in the Coveo Cloud Administration Console:

    The first re-indexing may take longer, as a new security provider needs to be created. Please note that old security providers aren’t deleted.

Recommended Articles