lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cassandra Targett (JIRA)" <>
Subject [jira] [Commented] (SOLR-7896) Add a login page for Solr Administrative Interface
Date Fri, 04 Jan 2019 14:48:00 GMT


Cassandra Targett commented on SOLR-7896:

bq. If the user opens a page or attempts an action that requires authentication, then the
login screen is presented with a message from whatever Auth plugin is active. I guess this
will look like a dead end, as the only menu option will be "Login" at this point. But opening
a new browser tab will bring back the full UI. But opening a new browser tab will bring back
the full UI.

I'm confused about the last sentence there. I don't quite understand how opening a new browser
tab bypasses the login screen?

> Add a login page for Solr Administrative Interface
> --------------------------------------------------
>                 Key: SOLR-7896
>                 URL:
>             Project: Solr
>          Issue Type: New Feature
>          Components: Admin UI, Authentication, security
>    Affects Versions: 5.2.1
>            Reporter: Aaron Greenspan
>            Assignee: Jan Høydahl
>            Priority: Major
>              Labels: authentication, login, password
>             Fix For: master (8.0), 7.7
>         Attachments: dispatchfilter-code.png, login-page.png, login-screen-2.png, logout.png,
>          Time Spent: 1h 20m
>  Remaining Estimate: 0h
> Now that Solr supports Authentication plugins, the missing piece is to be allowed access
from Admin UI when authentication is enabled. For this we need
>  * Some plumbing in Admin UI that allows the UI to detect 401 responses and redirect
to login page
>  * Possibility to have multiple login pages depending on auth method and redirect to
the correct one
>  * [AngularJS HTTP interceptors|$http#interceptors] to
add correct HTTP headers on all requests when user is logged in
> This issue should aim to implement some of the plumbing mentioned above, and make it
work with Basic Auth.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message