Sites that require forms-based authentication or cookie-based authentication are not crawled in SharePoint Server 2007

Article translations Article translations
Article ID: 934577 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

Microsoft Office SharePoint Server 2007 or Microsoft Office SharePoint Server 2007 for Search is directed to crawl content that is saved on sites that require forms-based authentication or cookie-based authentication. However, only the logon page of a site is crawled.

Note This problem does not apply to content that is saved on a SharePoint Server 2007 site or on a Windows SharePoint Services 3.0 site. For these sites, you must configure the Web application default zone to use NTLM authentication to index the sites. For more information, visit the following Microsoft Web site:
http://technet2.microsoft.com/windowsserver/WSS/en/library/378c4673-0814-4255-a79c-7c4b6a4732a51033.mspx

RESOLUTION

To resolve this problem, apply the hotfix package, use the AddRule.exe command-line tool to add a crawl rule, and then crawl the sites.

For more information about the AddRule.exe command-line tool, see the "More Information" section.

How to obtain the hotfix

This problem is fixed in a Microsoft Office SharePoint Services hotfix package.

For more information about the SharePoint Server 2007 hotfix package, click the following article number to view the article in the Microsoft Knowledge Base:
939077 Description of the SharePoint Server 2007 hotfix package for SharePoint Server 2007 and for SharePoint Server 2007 for Search: June 24, 2007

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

To enable the crawling of sites that require forms-based authentication or cookie-based authentication, use the AddRule.exe command-line tool after you apply this hotfix. To obtain the AddRule.exe command-line tool, visit the following Microsoft Web site:
http://www.microsoft.com/downloads/details.aspx?FamilyId=D5090BC4-5B4F-411B-8CDE-E37D33F7EFDF

Command-line use

Collapse this tableExpand this table
AddRule.exe This command displays the following help text:
Usage: AddRule.exe <xml file>

The structure of the input file is specified in the instructions provided with this hotfix.
AddRule.exe input xml fileThis command will add the crawl rule based on the XML file. These rules are added to the end of their current set of crawl rules. The administrator can later change the order by using the user interface.

If the XML file is malformed, you may receive an error message.
You may receive the following error messages if the XML file is malformed.
  • If there is no <Rules> tag, you receive the following error message:
    Syntax error: [rules] element not found as the only node at the root.
  • If a required node is missing in the XML file, you receive the following error message:
    Syntax error: <missing node> element unexpected.
  • If a node in the XML file is incorrectly duplicated, you receive the following error message:
    Syntax error: <node name> element already exists for the current rule
  • If the type is not "FORM" or "COOKIE," you receive the following error message:
    Syntax error: unrecognized value for the <type> element
  • If the login_type is not "POST," you receive the following error message:
    Syntax error: unrecognized value for the <login_type> element
    Note If the administrator reruns this command by using another input file and then finds that the path is identical to an existing rule, the command will modify the rule.

Crawl rules object model

The CrawlRuleAuthenticationType enumeration includes the following new values:
  • FormsRuleAccess = 4
  • CookieRuleAccess = 5
The SetCredentials method in the crawl rules object model is overloaded with two new implementations.

The forms-based authentication rule takes the following input parameters in the following order:
  • type::CrawlRuleAuthenticationType: This will be FormsRuleAccess.
  • AuthSubmissionMethod::String: This will be "POST."
  • AuthSubmissionPath::String: This is the URL in which the parameters should be posted.
  • authData::NameValueCollection: This is where the hidden name value pairs are stored.
  • privateAuthData:: NameValueCollection: This is where the encrypted name value pairs such as user names and passwords are stored.
  • errorPages::StringCollection: This will store the various error pages that would indicate to the crawler to refetch a cookie or to fail the URL with an "Access Denied" error message.
The cookie-based authentication rule takes the following input parameters in the following order:
  • type::CrawlRuleAuthenticationType: This will be CookieRuleAccess.
  • cookies::StringCollection: This will store the cookies that the crawler should use.
  • errorPages::StringCollection: This will store the various error pages that would indicate to the crawler to fail the URL with an "Access Denied" error message.
Note The encryption of the name value pairs and of the cookies is performed by using the same mechanism that is currently available.

Custom security trimming for Enterprise Search results

After the content that is stored on sites that require forms-based authentication or cookie-based authentication is crawled by the indexer, the content search results are returned for all users regardless of the users' credentials. If you have to security trim this content, refer to the "Custom Security Trimming for Enterprise Search Results Overview" topic. To view this topic, visit the following Microsoft Web site:
http://msdn2.microsoft.com/en-us/library/aa981236.aspx

Properties

Article ID: 934577 - Last Review: October 8, 2011 - Revision: 2.0
APPLIES TO
  • Microsoft Office SharePoint Server 2007
  • Microsoft Office SharePoint Server 2007 for Search (Enterprise Edition)
  • Microsoft Office SharePoint Server 2007 for Search (Standard Edition)
Keywords: 
kbmoss2007postrtmfix kberrmsg kbexpertiseinter kbqfe kbbug kbfix KB934577

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com