Enterprise search systems allow content within an organization to be indexed, searched, and displayed to authorized users within the organization. In order to provide this functionality, enterprise search engines typically must index and query against structured and unstructured data and documents stored by multiple, independent, third-party enterprise software applications and systems. For instance, in many cases an enterprise search system must index and query against data stored in intranets, document and content management systems, file servers, corporate desktops, business applications such as customer relationship management and business intelligence applications, and other types of content stores.
In contrast to public search engines that search publicly available data and allow virtually any user to execute queries on the data, such as World Wide Web (“Web”) search engines, enterprise search systems generally index data for which access may be limited. For instance, a document indexed by an enterprise search system may have an associated access control list that includes one or more access control entries that identify the access rights a user has to the document. As a result, when an enterprise search system executes a query, it must ensure that the user executing the query has sufficient access rights to view the search results returned in response to the query.
When a typical user executes a query for desired data, the expectation is that the results will be displayed in an organized manner that allows for efficient browsing of the returned documents. For example, the search results are usually displayed in groups such as ten results per page and sorted according to some type of hierarchy such as by relevance to the search terms input by the user. The user may also be given information as to the total number of results located and number of pages of results.
This manner of displaying search results to a user becomes problematic for several reasons in the context of enterprise search systems that must ensure that the user has access rights to the search results prior to providing the user with access to the results or with information regarding the existence of the results. First, knowledge of the existence of documents that are relevant to the search terms but are not available to the user due to a lack of access rights undesirably provides the user with information that he may be able to exploit. For this reason, only information pertaining to results that the user has access rights to should be provided to the user.
For example, although the number of documents located during the search query is easily determined, it cannot be provided to the user unless the user has authorization to access every document. The alternative, providing the number of results located from the search query that the user will have authorization to access, is difficult to provide to the user without retrieving each document that is relevant to the search terms and determining whether the user has access rights to those documents, an action that is time consuming and expensive. Additionally, paging between previously visited pages may require an enterprise search system to redundantly determine the access rights for results already displayed to the user on previously visited pages since data used to track previously visited result pages may not be saved on a Web server in a stateless server architecture.
It is with respect to these considerations and others that the disclosure made herein is provided.