You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@lucene.apache.org by ja...@apache.org on 2019/03/30 23:04:29 UTC

[lucene-solr] branch solr-13344 created (now b6f037c)

This is an automated email from the ASF dual-hosted git repository.

janhoy pushed a change to branch solr-13344
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git.


      at b6f037c  SOLR-13344

This branch includes the following new commits:

     new b6f037c  SOLR-13344

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[lucene-solr] 01/01: SOLR-13344

Posted by ja...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

janhoy pushed a commit to branch solr-13344
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git

commit b6f037c7e02142cb272e4d502a81697235ceb8f1
Author: Jan Høydahl <ja...@apache.org>
AuthorDate: Sun Mar 31 00:03:44 2019 +0100

    SOLR-13344
---
 solr/CHANGES.txt                                             | 2 ++
 solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java | 1 +
 2 files changed, 3 insertions(+)

diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index b98b640..1b337eb 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -150,6 +150,8 @@ Bug Fixes
 
 * SOLR-13349: High CPU usage in Solr due to Java 8 bug (Erick Erickson)
 
+* SOLR-13344: Admin UI inaccessible with RuleBasedAuthorizationPlugin (janhoy, Jason Gerlowski)
+
 Improvements
 ----------------------
 
diff --git a/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java b/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java
index 38145f3..54b9349 100644
--- a/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java
+++ b/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java
@@ -550,6 +550,7 @@ public class HttpSolrCall {
   private boolean shouldAuthorize() {
     if(PublicKeyHandler.PATH.equals(path)) return false;
     //admin/info/key is the path where public key is exposed . it is always unsecured
+    if ("/".equals(path)) return false; // Static Admin UI servlet must always be served 
     if (cores.getPkiAuthenticationPlugin() != null && req.getUserPrincipal() != null) {
       boolean b = cores.getPkiAuthenticationPlugin().needsAuthorization(req);
       log.debug("PkiAuthenticationPlugin says authorization required : {} ", b);