You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Jan Høydahl (JIRA)" <ji...@apache.org> on 2018/03/16 13:30:00 UTC
[jira] [Commented] (SOLR-11781) Pass impersonator info to the
authorization plugin
[ https://issues.apache.org/jira/browse/SOLR-11781?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16401888#comment-16401888 ]
Jan Høydahl commented on SOLR-11781:
------------------------------------
Hi. I have a need to implement audit logging plugin as well, and was considering where to put it, either as part of Authentication plugin, as part of Authorization plugin or as a new plugin type intercepting all requests. Would love to hear more about how you did it.
In our case we need arbitrary information from the JWT token parsed by authentication plugin. Is there any method to pass information (except for the user principle) from Authentication to authorization? Can Auth plugin fill information in AuthorizationContext?
> Pass impersonator info to the authorization plugin
> --------------------------------------------------
>
> Key: SOLR-11781
> URL: https://issues.apache.org/jira/browse/SOLR-11781
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Affects Versions: 7.0
> Reporter: Hrishikesh Gadre
> Priority: Minor
>
> SENTRY-1475 implemented Solr authorization plugin based on Sentry. This also includes the audit log functionality in Sentry. Currently authorization context is not providing the impersonator information which is required for the audit logs. We should improve Solr authorization framework to pass this extra information.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org