You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@solr.apache.org by Marco Descher <ma...@descher.at> on 2022/06/03 05:21:32 UTC

Support for JWT nested roles

Dear devs,

I'm trying to get SOLR JWT-Authentication running with Keycloak style 
JWT Tokens. This is where I faced
a problem considering the rolesClaim. I already added a JIRA Ticket and 
a PullRequest, and would be happy
if one of the maintainers could have a look at it.

https://issues.apache.org/jira/browse/SOLR-16230
https://github.com/apache/solr/pull/890

I also would be very interested, to get this patch to a quality, that it 
can be merged to 8.11!

I'm contributing the first time, so please excuse if there are things 
missing/wrong etc.

Thanks for your help!
Marco


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@solr.apache.org
For additional commands, e-mail: dev-help@solr.apache.org

Re: Support for JWT nested roles

Posted by Eric Pugh <ep...@opensourceconnections.com>.

Marco,

I’d love to hear what you learn, and if there are any “best practices” that you see with Keycloak and Solr.

You might be interested in https://github.com/querqy/chorus/ which demonstrates Keycloak and Solr.   Specifically I exported my setup into https://github.com/querqy/chorus/blob/main/keycloak/realm-config/chorus-realm.json and that does work, but I think it’s not the best approach.

Eric

> On Jun 3, 2022, at 1:21 AM, Marco Descher <ma...@descher.at> wrote:
> 
> Dear devs,
> 
> I'm trying to get SOLR JWT-Authentication running with Keycloak style JWT Tokens. This is where I faced
> a problem considering the rolesClaim. I already added a JIRA Ticket and a PullRequest, and would be happy
> if one of the maintainers could have a look at it.
> 
> https://issues.apache.org/jira/browse/SOLR-16230
> https://github.com/apache/solr/pull/890
> 
> I also would be very interested, to get this patch to a quality, that it can be merged to 8.11!
> 
> I'm contributing the first time, so please excuse if there are things missing/wrong etc.
> 
> Thanks for your help!
> Marco
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@solr.apache.org
> For additional commands, e-mail: dev-help@solr.apache.org
> 

_______________________
Eric Pugh | Founder & CEO | OpenSource Connections, LLC | 434.466.1467 | http://www.opensourceconnections.com <http://www.opensourceconnections.com/> | My Free/Busy <http://tinyurl.com/eric-cal>  
Co-Author: Apache Solr Enterprise Search Server, 3rd Ed <https://www.packtpub.com/big-data-and-business-intelligence/apache-solr-enterprise-search-server-third-edition-raw>	
This e-mail and all contents, including attachments, is considered to be Company Confidential unless explicitly stated otherwise, regardless of whether attachments are marked as such.