lucene-dev mailing list archives

From Jan Høydahl (JIRA) <j...@apache.org>
Subject [jira] [Commented] (SOLR-12121) JWT Authentication plugin
Date Tue, 04 Sep 2018 09:39:01 GMT

    [ https://issues.apache.org/jira/browse/SOLR-12121?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16602826#comment-16602826 ]

Jan Høydahl commented on SOLR-12121:
------------------------------------

[~caomanhdat] I think the easiest is to tackle this on-demand, i.e. if http2 lands on master
first, then this issue needs to adjust, or if this lands first then the http2 feature needs
to adjust. I have a goal of landing this on master during September...

> JWT Authentication plugin
> -------------------------
>
>                 Key: SOLR-12121
>                 URL: https://issues.apache.org/jira/browse/SOLR-12121
>             Project: Solr
>          Issue Type: New Feature
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: Authentication
>            Reporter: Jan Høydahl
>            Assignee: Jan Høydahl
>            Priority: Major
>             Fix For: master (8.0)
>
>         Attachments: image-2018-08-27-13-04-04-183.png
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> A new Authentication plugin that will accept a [Json Web Token|https://en.wikipedia.org/wiki/JSON_Web_Token] (JWT) in the Authorization header and validate it by checking the cryptographic signature. The plugin will not perform the authentication itself but assert that the user was authenticated by the service that issued the JWT token.
> JWT defines a number of standard claims, and user principal can be fetched from the {{sub}} (subject) claim and passed on to Solr. The plugin will always check the {{exp}} (expiry) claim and optionally enforce checks on the {{iss}} (issuer) and {{aud}} (audience) claims.
> The first version of the plugin will only support RSA signing keys and will support fetching the public key of the issuer through a [Json Web Key|https://tools.ietf.org/html/rfc7517] (JWK) file, either from a https URL or from a local file.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
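
The validation order the issue description lays out (signature against the issuer's RSA JWK, `exp` always, `iss` and `aud` only when configured, principal from `sub`), as an added example in standard-library Python; it is not code from the Solr plugin or from this thread. The names `validate` and `demo_issue`, the error strings, and the throwaway demo key (built from two Mersenne primes, insecure by construction) are assumptions made so the block runs offline.

```python
import base64, hashlib, hmac, json, time

SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")  # DER DigestInfo, RFC 8017 9.2

def b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
def b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()
def emsa(msg, k):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(msg), k bytes long."""
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def validate(token, jwk, iss=None, aud=None, now=None):
    """Return the sub claim of a valid RS256 token; raise ValueError otherwise."""
    h64, p64, s64 = token.split(".")
    header, claims, sig = json.loads(b64d(h64)), json.loads(b64d(p64)), b64d(s64)
    # Pin the algorithm: the token header must not be able to select "none" or HMAC.
    if not isinstance(header, dict) or header.get("alg") != "RS256":
        raise ValueError("algorithm not allowed")
    n, e = (int.from_bytes(b64d(jwk[x]), "big") for x in ("n", "e"))
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    # Re-encode the expected block and compare it whole; never parse the padding.
    if len(sig) != k or s >= n or not hmac.compare_digest(
            pow(s, e, n).to_bytes(k, "big"), emsa(f"{h64}.{p64}".encode(), k)):
        raise ValueError("bad signature")
    now = time.time() if now is None else now
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, (int, float)) or now >= exp:    # always enforced
        raise ValueError("expired or missing exp")
    if iss is not None and claims.get("iss") != iss:       # only when configured
        raise ValueError("wrong issuer")
    auds = claims.get("aud", [])                           # string or list of strings
    if aud is not None and aud not in (auds if isinstance(auds, list) else [auds]):
        raise ValueError("wrong audience")
    if not isinstance(claims.get("sub"), str):
        raise ValueError("missing sub")
    return claims["sub"]

def demo_issue(claims):
    """Constructed issuer for the self-test: throwaway key, NOT secure."""
    p, q, e = 2**521 - 1, 2**607 - 1, 65537
    n, d = p * q, pow(e, -1, (p - 1) * (q - 1))
    k = (n.bit_length() + 7) // 8
    msg = b64e(json.dumps({"alg": "RS256"}).encode()) + "." + b64e(json.dumps(claims).encode())
    sig = pow(int.from_bytes(emsa(msg.encode(), k), "big"), d, n).to_bytes(k, "big")
    jwk = {"kty": "RSA", "n": b64e(n.to_bytes(k, "big")), "e": b64e(e.to_bytes(3, "big"))}
    return msg + "." + b64e(sig), jwk
```

The signature is checked before any claim is read, so an unsigned or re-signed token never reaches the `exp`, `iss` or `aud` logic.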
