lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SOLR-12120) New plugin type AuditLoggerPlugin
Date Thu, 02 May 2019 23:04:00 GMT

    [ https://issues.apache.org/jira/browse/SOLR-12120?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16832069#comment-16832069
] 

ASF subversion and git services commented on SOLR-12120:
--------------------------------------------------------

Commit 55ce908068e3cc9a03c4ced3014e00934df5f2b1 in lucene-solr's branch refs/heads/branch_8_1
from Jan Høydahl
[ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=55ce908 ]

SOLR-12120: Fix bug in draining queue before shutdown

(cherry picked from commit cdd130ccb69e4483ca4fa488c3e9f0b88631cfcb)


> New plugin type AuditLoggerPlugin
> ---------------------------------
>
>                 Key: SOLR-12120
>                 URL: https://issues.apache.org/jira/browse/SOLR-12120
>             Project: Solr
>          Issue Type: New Feature
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: security
>            Reporter: Jan Høydahl
>            Assignee: Jan Høydahl
>            Priority: Major
>             Fix For: 8.1
>
>          Time Spent: 3h 10m
>  Remaining Estimate: 0h
>
> Solr needs a well defined plugin point to implement audit logging functionality, which
is independent from whatever {{AuthenticationPlugin}} or {{AuthorizationPlugin}} are in
use at the time.
> It seems reasonable to introduce a new plugin type {{AuditLoggerPlugin}}. It could be
configured in solr.xml or it could be a third type of plugin defined in {{security.json}},
i.e.
> {code:java}
> {
>   "authentication" : { "class" : ... },
>   "authorization" : { "class" : ... },
>   "auditlogging" : { "class" : "x.y.MyAuditLogger", ... }
> }
> {code}
> We could then instrument SolrDispatchFilter to the audit plugin with an AuditEvent at
important points such as successful authentication:
> {code:java}
> auditLoggerPlugin.audit(new SolrAuditEvent(EventType.AUTHENTICATED, request)); 
> {code}
>  We will mark the impl as {{@lucene.experimental}} in the first release to let it settle
as people write their own plugin implementations.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message