Re: Build issue

[David Smiley <ds...@apache.org>]

On Fri, Jun 24, 2022 at 4:56 PM Guse, Jimmy <gu...@llnl.gov.invalid> wrote:

> The reason I’ve been in this swamp is that I use solr from within an
> application (both via the web and in cron scripts) running only as a single
> instance on localhost, never with direct user access.  To avoid having to
> deal with accounts and passwords (in files), I crafted an IdentAuthPlugin
> that I use as the authentication provider (which is secure for
> password-less authenticating of local users), and I add that into the
> released solr-core-x.y.z.jar to be used (I also need to modify the
> ‘credentials’ member of Sha256AuthenticationProvider class from private to
> protected, so I can subclass and override its authenticate() function
> inside my IdentAuthPlugin class – this just makes it simpler to leverage
> the existing functionality without duplicating it).  So my process involves
> taking the release-source, patching (Sha256AuthenticationProvider.java) it
> and adding (IdentAuthPlugin.java) to it, rebuilding it to get the updated
> .class files for those two Java classes and then stuffing them into the
> original solr-core-x.y.z.jar in the release-binary, so it drops in as a
> normal solr version .tgz package for updates/etc.
>
>
>
> So, would there be any interest in incorporating one (the privateàprotected
> patch) or both of these changes in the mainline source?
>

For the private->protected -- Sure; seems fine.  But for IdentAuthPlugin
you'd contribute; I'm unsure what it's doing.  I suppose you could share in
a PR.

~ David