lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Noble Paul (JIRA)" <>
Subject [jira] [Commented] (SOLR-8429) add a flag blockUnknown to BasicAutPlugin
Date Fri, 18 Dec 2015 12:50:46 GMT


Noble Paul commented on SOLR-8429:

bq.have any clue that absolutely nothing will be protected – unless that was the default?

A person configuring security will follow our documentation. Our documentation will have {{blockUnknown=true}}
in the sample. So his setup is be protected automatically.

bq.Related: Should we protect the user against locking herself out, 

Nice to have. Anyway he has the option of overwriting the {{security.json}} if he screws up

> add a flag blockUnknown to BasicAutPlugin
> -----------------------------------------
>                 Key: SOLR-8429
>                 URL:
>             Project: Solr
>          Issue Type: Improvement
>            Reporter: Noble Paul
>            Assignee: Noble Paul
> If authentication is setup with BasicAuthPlugin, it let's all requests go through if
no credentials are passed. This was done to have minimal impact for users who only wishes
to protect a few end points (say , collection admin and core admin only)
> We can add a flag to {{BasicAuthPlugin}} to allow only authenticated requests to go in

> the users can create the first security.json with that flag
> {code}
> server/scripts/cloud-scripts/ -z localhost:9983 -cmd put /security.json '{"authentication":
{"class": "solr.BasicAuthPlugin", 
> "blockUnknown": true,
> "credentials": {"solr": "orwp2Ghgj39lmnrZOTm7Qtre1VqHFDfwAEzr0ApbN3Y= Ju5osoAqOX8iafhWpPP01E5P+sg8tK8tHON7rCYZRRw="}}}'
> {code}
> or add the flag later
> using the command
> {code}
> curl  http://localhost:8983/solr/admin/authentication -H 'Content-type:application/json'
-d  '{ 
> {set-property:{blockUnknown:true}
> }'
> {code}

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message