Security Trimming

Welcome to this tiny blog on custom security trimming for search in SharePoint 2013.

Please visit the official MSDN documentation for the overview and
definitive source of documentation of this feature:

http://msdn.microsoft.com/en-us/library/ee819930.aspx

Typical scenarios to support could be to enable searching securely in 3rd-party content sources.

Back in SharePoint 2010 only post-trimming was offered for solving this scenario. Post-trimming refers to post-query evaluation where search results are pruned before they are returned to the user. With the new and shiny SharePoint 2013, we have now two types of security trimmers in our toolbox:

  • Pre-Trimmer
  • Post-Trimmer

The new pre-trimmer type is where the trimmer logic is invoked pre-query evaluation. The search server backend rewrites the query adding security information before the index lookup in the search index.

It is our hope to present you with explanations and examples showing you:

  • How to take an existing connector, modify it to submit our own security ACLs as security claims directly, install it and deploy it
  • How to write and deploy a custom security pre-trimmer
  • How to write and deploy a custom security post-trimmer

I will write up a few blog posts on this in the coming days.
Stay tuned!