lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Høydahl (JIRA) <j...@apache.org>
Subject [jira] [Comment Edited] (SOLR-13116) Add Admin UI login support for Kerberos
Date Tue, 08 Jan 2019 23:58:00 GMT

    [ https://issues.apache.org/jira/browse/SOLR-13116?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16737558#comment-16737558
] 

Jan Høydahl edited comment on SOLR-13116 at 1/8/19 11:57 PM:
-------------------------------------------------------------

>From the stack trace it is evident that the response from Kerberos auth plugin does contain
a {{WWW-Authenticate}} but when trying to split this in a schema and parameters with regex
{{/(\w+)\s+(.*)/}} then there is not match, so probably the header has some other format.

Could you perhaps check the WWW-Authenticate header in the browser's debug panel under the
Network tab? Then we can either change the parsing of the pattern or we can change the header
sent by Kerberos plugin to carry information about the scheme.

According to [https://tools.ietf.org/html/rfc4559#section-4|https://tools.ietf.org/html/rfc4559#section-4)] the
plain string "Negotiate" is returned in the first phase of Kerberos, so the regex fails. Working
on a better parsing code.


was (Author: janhoy):
>From the stack trace it is evident that the response from Kerberos auth plugin does contain
a {{WWW-Authenticate}} but when trying to split this in a schema and parameters with regex
{{/(\w+)\s+(.*)/}} then there is not match, so probably the header has some other format.

Could you perhaps check the WWW-Authenticate header in the browser's debug panel under the
Network tab? Then we can either change the parsing of the pattern or we can change the header
sent by Kerberos plugin to carry information about the scheme.

> Add Admin UI login support for Kerberos
> ---------------------------------------
>
>                 Key: SOLR-13116
>                 URL: https://issues.apache.org/jira/browse/SOLR-13116
>             Project: Solr
>          Issue Type: New Feature
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: Admin UI
>    Affects Versions: 8.0, 7.7
>            Reporter: Jan Høydahl
>            Priority: Major
>         Attachments: eventual_auth.png
>
>
> Spinoff from SOLR-7896. Kerberos auth plugin should get Admin UI Login support.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message