I received an email from an ex-student today that forced me to remember how to send an authenticated query to the QRServer in FAST Search for SharePoint.
The reason for doing this is that when you issue a query through the SharePoint UI, additional security parameters are sent to FAST along with the query. But when you go directly against the QRServer interface (accessible through http://localhost:13280 directly in the server running the query component in the FAST farm), the queries typed in there are sent without any security parameters by default, which means you will not get back any results that require security permissions (such as all your crawled SharePoint content, for example).
I’ve sent instructions to students on how to get authenticated results from the QRServer many times in the past, and even commented about it in this post here, but I just realized I never posted this here on the blog, so I’m doing it now to make this information easier to be found.
Below are the steps to get secure results through the QRServer without having to modify qtf-config.xml (which is something advisable):
Note: you will need to perform the steps below in a query server in your FAST farm
- Edit %FASTSEARCH%\components\sam\worker\user_config.xml
<add name=”AllowNonCleanUpClaimsCacheForTestingOnly” value=”false” type=”System.Boolean” />To:
<add name=”AllowNonCleanUpClaimsCacheForTestingOnly” value=”true” type=”System.Boolean” />
- To pick up your changes, open a command prompt window and restart the samworker
nctrl restart samworker
- Make sure the samworker is running. If it is not running, check your previous edits.
- Execute a query through a search center in SharePoint and ensure results are returned. You will use the security credentials from this query to get secure results from the QRServer.
- Navigate to %FASTSEARCH%\var\log\querylogs and open your latest query log (if the file is locked; make a copy of the file and open the copy).
- Locate and copy this parameter: &qtf_securityfql:uid=<token>= (the trailing equal sign should be included)
- Navigate to the qrserver page: http://localhost:13280/
- In the additional parameters text box add:
- Issue a query and ensure you get secure results back.
Another way to also get authenticated results (from outside the SharePoint UI) without having to make any modifications in your system, is to use the terrific FAST Search for SharePoint 2010 Query Logger tool created by Mikael Svenson.