You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "David Eric Pugh (Jira)" <ji...@apache.org> on 2021/03/23 11:12:00 UTC

[jira] [Commented] (SOLR-13071) Add JWT Auth support in bin/solr

    [ https://issues.apache.org/jira/browse/SOLR-13071?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17306977#comment-17306977 ] 

David Eric Pugh commented on SOLR-13071:
----------------------------------------

In working with [~kezhenxu94] on adding JWT to the Yasa plugin, he discovered that since bin/solr doesn't support JWT, how do you install a JWT compatible Yasa plugin into a JWT authed Solr!

 

So this ticket remains needed.     Since I haven't found a good example to copy of the browser window based auth approach (and that may not be the best), I'lm going to try and do the `SOLR_AUTH_TYPE=token` appraoch suggested.

> Add JWT Auth support in bin/solr
> --------------------------------
>
>                 Key: SOLR-13071
>                 URL: https://issues.apache.org/jira/browse/SOLR-13071
>             Project: Solr
>          Issue Type: Improvement
>          Components: scripts and tools
>            Reporter: Jan Høydahl
>            Priority: Major
>
> Once SOLR-12121 gets in, we should add support to {{bin/solr}} start scripts so they can authenticate with Solr using a JWT token. A preferred way would perhaps be through {{solr.in.sh}} and add new
> {noformat}
> SOLR_AUTH_TYPE=token
> SOLR_AUTHENTICATION_OPTS=-DjwtToken=....
> {noformat}
> A disadvantage with this method is that the user needs to know how to obtain the token, and the token needs to be long-lived. A more sophisticated way would be a {{bin/solr auth login}} command that opens a browser window with the IDP login screen and saves the short-lived access token and optionally refresh token, in the file system.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)