You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Noble Paul (JIRA)" <ji...@apache.org> on 2015/12/21 08:55:46 UTC
[jira] [Resolved] (SOLR-8429) add a flag blockUnknown to
BasicAutPlugin
[ https://issues.apache.org/jira/browse/SOLR-8429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Noble Paul resolved SOLR-8429.
------------------------------
Resolution: Fixed
Fix Version/s: Trunk
5.5
> add a flag blockUnknown to BasicAutPlugin
> -----------------------------------------
>
> Key: SOLR-8429
> URL: https://issues.apache.org/jira/browse/SOLR-8429
> Project: Solr
> Issue Type: Improvement
> Reporter: Noble Paul
> Assignee: Noble Paul
> Fix For: 5.5, Trunk
>
>
> If authentication is setup with BasicAuthPlugin, it let's all requests go through if no credentials are passed. This was done to have minimal impact for users who only wishes to protect a few end points (say , collection admin and core admin only)
> We can add a flag to {{BasicAuthPlugin}} to allow only authenticated requests to go in
> the users can create the first security.json with that flag
> {code}
> server/scripts/cloud-scripts/zkcli.sh -z localhost:9983 -cmd put /security.json '{"authentication": {"class": "solr.BasicAuthPlugin",
> "blockUnknown": true,
> "credentials": {"solr": "orwp2Ghgj39lmnrZOTm7Qtre1VqHFDfwAEzr0ApbN3Y= Ju5osoAqOX8iafhWpPP01E5P+sg8tK8tHON7rCYZRRw="}}}'
> {code}
> or add the flag later
> using the command
> {code}
> curl http://localhost:8983/solr/admin/authentication -H 'Content-type:application/json' -d '{
> {set-property:{blockUnknown:true}
> }'
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org