lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Høydahl (JIRA) <>
Subject [jira] [Commented] (SOLR-8429) add a flag blockUnauthenticated to BasicAutPlugin
Date Thu, 17 Dec 2015 00:25:46 GMT


Jan Høydahl commented on SOLR-8429:

Let's make it default to true from 5.5, aligning with what people expect after enabling auth
in any piece of software. We can fix back-compat using {{luceneMatchVersion}}, or I'm also
OK with treating this as a Bug, documenting the change in CHANGES, since the refGuide does
not even mention the current behavior.

Is it at all possible with 5.4 to make BasicAuth work without also specifying authorization?

> add a flag blockUnauthenticated to BasicAutPlugin
> -------------------------------------------------
>                 Key: SOLR-8429
>                 URL:
>             Project: Solr
>          Issue Type: Improvement
>            Reporter: Noble Paul
>            Assignee: Noble Paul
> If authentication is setup with BasicAuthPlugin, it let's all requests go through if
no credentials are passed. This was done to have minimal impact for users who only wishes
to protect a few end points (say , collection admin and core admin only)
> We can add a flag to {{BasicAuthPlugin}} to allow only authenticated requests to go in

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message