You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Noble Paul (JIRA)" <ji...@apache.org> on 2015/06/16 17:48:00 UTC
[jira] [Created] (SOLR-7692) Implement BasicAuth based impl for the
new Authentication/Authorization APIs
Noble Paul created SOLR-7692:
--------------------------------
Summary: Implement BasicAuth based impl for the new Authentication/Authorization APIs
Key: SOLR-7692
URL: https://issues.apache.org/jira/browse/SOLR-7692
Project: Solr
Issue Type: New Feature
Reporter: Noble Paul
This involves various components
h2. Authentication
A basic auth based authentication filter. This should retrieve the user credentials from ZK. The user name and sha1 hash of password should be stored in ZK
sample authentication json
{code:javascript}
{
"authentication":{
"class": "solr.BasicAuth",
"users" :{
"john" :{
"pwd":"09fljnklnoiuy98",
"role":["admin", "guest"]
},
"david":{
"pwd":"f678njfgfjnklnoiuy9865ty",
"role":["guest"]
},
"pete": {
"pwd":"87ykjnklndfhjh898uyiy98",
"role":["guest"]
}
}
}
}
{code}
h2. authorization plugin
This would store the roles of various users and their privileges in ZK
sample authorization.json
{code:javascript}
{
"authorization": {
"class": "solr.ZKAuthorization",
"permissions": {
"collectionadmin": {
"roles": ["admin"]
},
"coreadmin":{
"roles":["admin"]
},
"config-api": {
//all collections
"roles": ["admin"]
},
"schema-api": {
"roles": ["admin"]
},
"update": {
//all collections
"roles": null
},
"query":{
"roles":null
},
"mycoll_update": {
"collection": "mycoll",
"path":["/update/*"],
"roles": ["somebody"]//create a dir called /keys/somebody and put in usr.pwd files
}
}
}
}
{code}
We will also need to provide APIs to create users and assign them roles
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org