One of the issues new GSA users have when evaluating search results in a mixed security environment is determining whether the results are coming from secure or public index sources.
Cause:The default frontend UI for the search appliance has a radio button that offers the choice of "public" or "public and secure" results. By examining the HTML source of that form, one can see that it alters the access search parameter.
The search URL can be directly modified (or the GSA administrator can customize the frontend look and feel). The access parameter has three states:
- access=p - The GSA will only return results from content that has been marked as public. Even if the search user was previously authenticated, the appliance will only return public results.
- access=a - The GSA mixes both secure and public results. In cases where authentication or authorization fails, the search user may still see results because public results are still retrieved.
- access=s - The GSA will only return secure results. This is an atypical search case, but can be used to effectively ensure that results are actually coming from secure authorization.
We strongly recommend GSA administrators become familiar with the Search Protocol Reference document, as it contains information about these and other query parameters, and details many of the special query terms and information available to customize search results.