Hi,
I'm investigating the possibilities for developing a federated search connector for SharePoint 2013 Online. This should allow us to search a customer's database through our custom developed application (both on premise). We intend to develop a remote federated search connector (using the OpenSearch protocol) and configure a result source in SharePoint for that connector.
The problem I'm struggling with is that I want different search results from this result source based on the permissions of the user that is executing the search. The admin should find a lot because he has permissions on certain items in the custom application. The employee should find just a few because he has no permissions on certain items in the custom application. We developed the custom application ourselves and the search in that application is taking permissions into account: it doesn't return results if a user doesn't have sufficient permissions. That part works just fine.
However, to be able to use that, the remote federated search connector must be able to identify the user that is executing the search in SharePoint Online. So: how do I get the SharePoint user context in the remote federated search connector?
I know I can configure the replacement token {User.Name} in the result source configuration, but that gives me the name of the user only. This is insufficient to get an identity, principal, token or whatever that lets me log in to our custom application.
I also know that in a provider hosted app, user context is passed through from SharePoint and is known within the remote app. But since result sources need fixed (or anonymous) credentials configuration for connecting to the remote federated search connector, all users will be using the same credentials. This makes me assume these credentials are for securing communication and cannot be used within the execution of the search within the remote federated search connector.
At the moment, I'm stuck. Any help will be greatly appreciated.
Cheers,
Ruud.