You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by ja...@apache.org on 2019/01/17 13:25:16 UTC
[lucene-solr] branch master updated: SOLR-13116: Add Admin UI login
support for Kerberos
This is an automated email from the ASF dual-hosted git repository.
janhoy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git
The following commit(s) were added to refs/heads/master by this push:
new e515a91 SOLR-13116: Add Admin UI login support for Kerberos
e515a91 is described below
commit e515a9140677d76d4d74a32f6c8ca03a2b2f72c5
Author: Jan Høydahl <ja...@apache.org>
AuthorDate: Thu Jan 17 14:25:08 2019 +0100
SOLR-13116: Add Admin UI login support for Kerberos
---
solr/CHANGES.txt | 2 ++
solr/webapp/web/css/angular/login.css | 6 ++++++
solr/webapp/web/js/angular/controllers/login.js | 12 ++++++++----
solr/webapp/web/partials/login.html | 18 +++++++++++++++++-
4 files changed, 33 insertions(+), 5 deletions(-)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 5b569e7..93fc6ff 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -209,6 +209,8 @@ New Features
* SOLR-7896: Add a login page to Admin UI, with initial support for Basic Auth (janhoy)
+* SOLR-13116: Add Admin UI login support for Kerberos (janhoy, Jason Gerlowski)
+
* SOLR-11126: New Node-level health check handler at /admin/info/healthcheck and /node/health paths that
checks if the node is live, connected to zookeeper and not shutdown. (Anshum Gupta, Amrit Sarkar, shalin)
diff --git a/solr/webapp/web/css/angular/login.css b/solr/webapp/web/css/angular/login.css
index 52ad4e0..6d6c908 100644
--- a/solr/webapp/web/css/angular/login.css
+++ b/solr/webapp/web/css/angular/login.css
@@ -41,6 +41,12 @@ limitations under the License.
margin-bottom: 1rem;
}
+#content #login a
+{
+ color: #0000bf;
+ cursor: pointer;
+}
+
#content #login .login-error
{
font-size: 1rem;
diff --git a/solr/webapp/web/js/angular/controllers/login.js b/solr/webapp/web/js/angular/controllers/login.js
index 9935191..e87f2a8 100644
--- a/solr/webapp/web/js/angular/controllers/login.js
+++ b/solr/webapp/web/js/angular/controllers/login.js
@@ -27,9 +27,13 @@ solrAdminApp.controller('LoginController',
var authScheme = sessionStorage.getItem("auth.scheme");
if (wwwAuthHeader) {
// Parse www-authenticate header
- var wwwHeader = wwwAuthHeader.match(/(\w+)\s+(.*)/);
- authScheme = wwwHeader[1];
- var authParams = www_auth_parse_params(wwwHeader[2]);
+ var wwwHeader = wwwAuthHeader.match(/(\w+)(\s+)?(.*)/);
+ authScheme = "unknown";
+ var authParams = {};
+ if (wwwHeader && wwwHeader.length >= 1)
+ authScheme = wwwHeader[1];
+ if (wwwHeader && wwwHeader.length >= 3)
+ authParams = www_auth_parse_params(wwwHeader[3]);
if (typeof authParams === 'string' || authParams instanceof String) {
$scope.authParamsError = authParams;
} else {
@@ -43,7 +47,7 @@ solrAdminApp.controller('LoginController',
sessionStorage.setItem("auth.scheme", authScheme);
}
- var supportedSchemes = ['Basic', 'Bearer'];
+ var supportedSchemes = ['Basic', 'Bearer', 'Negotiate'];
$scope.authSchemeSupported = supportedSchemes.includes(authScheme);
$scope.authScheme = sessionStorage.getItem("auth.scheme");
$scope.authRealm = sessionStorage.getItem("auth.realm");
diff --git a/solr/webapp/web/partials/login.html b/solr/webapp/web/partials/login.html
index 10a3caf..d5dba14 100644
--- a/solr/webapp/web/partials/login.html
+++ b/solr/webapp/web/partials/login.html
@@ -60,7 +60,23 @@ limitations under the License.
</div>
-
+ <div ng-show="authScheme === 'Negotiate'">
+ <h1>Kerberos Authentication</h1>
+ <p>Your browser did not provide the required information to authenticate using Kerberos.
+ Please check that your computer has a valid ticket for communicating with Solr,
+ and that your browser is properly configured to provide that ticket when required.
+ For more information, consult
+ <a href="https://lucene.apache.org/solr/guide/kerberos-authentication-plugin.html">
+ Solr's Kerberos documentation
+ </a>.
+ </p>
+ The response from the server was:
+ <hr/>
+ <pre>HTTP 401 {{statusText}}
+WWW-Authenticate: {{wwwAuthHeader}}</pre>
+ <hr/>
+ </div>
+
<div ng-show="!authSchemeSupported">
<h1>Authentication scheme not supported</h1>