You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@lucene.apache.org by "Lakhan Gupta (Jira)" <ji...@apache.org> on 2019/12/21 13:59:00 UTC
[jira] [Updated] (SOLR-14056) Solr admin api's are not
authenticated after enabling blockUnknown parameter in jwt authentication.
[ https://issues.apache.org/jira/browse/SOLR-14056?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Lakhan Gupta updated SOLR-14056:
--------------------------------
Description:
Hi,
I am enabling jwt authentication using solr 8.1.1 in standalone mode. below is my security.json file.
{code:java}
{{ "authentication":{ "blockUnknown": true, "class":"solr.JWTAuthPlugin", "jwk":{ "kty":"oct", "use":"sig", "kid":"k1", "k":"8347834radajklajdlkajskdjaskldjkasljdklasjdklaskdjaslkdjklasjdlkasjkldaskldjlkasdasjdlkasjdlkdsl", "alg":"HS256"}, "aud":"solr"}, "authorization":{ "class":"solr.RuleBasedAuthorizationPlugin", "permissions":[ { "name":"all", "path":"/*", "role":"admin" } ], "user-role":{ "solr":"admin" } }}
{code}
as you can see in above code, blockunknown parameter is enabled because of that my solr admin/info/system api is not authenticated.
I've read in 8.1.1 documentation as blockunknown parameter block unknown request. so that, my admin/info/system api causing problem. I need an urgent help!
Really appreciate if someone can give me a quick solution.
Thanks
Laksh Gupta
was:
Hi,
I am enabling jwt authentication using solr 8.1.1 in standalone mode. below is my security.json file.
{code:java}
{{ "authentication":{ "blockUnknown": true, "class":"solr.JWTAuthPlugin", "jwk":{ "kty":"oct", "use":"sig", "kid":"k1", "k":"7A02618BE6943C22FD81CAB9F6FCF063B6E1732C3614BC3ACA6032B6B3215CAF0D28A34FD423423CA3AC34BEA27D3F79", "alg":"HS256"}, "aud":"solr"}, "authorization":{ "class":"solr.RuleBasedAuthorizationPlugin", "permissions":[ { "name":"all", "path":"/*", "role":"admin" } ], "user-role":{ "solr":"admin" } }}
{code}
as you can see in above code, blockunknown parameter is enabled because of that my solr admin/info/system api is not authenticated.
I've read in 8.1.1 documentation as blockunknown parameter block unknown request. so that, my admin/info/system api causing problem. I need an urgent help!
Really appreciate if someone can give me a quick solution.
Thanks
Laksh Gupta
> Solr admin api's are not authenticated after enabling blockUnknown parameter in jwt authentication.
> ---------------------------------------------------------------------------------------------------
>
> Key: SOLR-14056
> URL: https://issues.apache.org/jira/browse/SOLR-14056
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication, Authorization
> Affects Versions: 8.1.1
> Environment: solr stand
> Reporter: Lakhan Gupta
> Priority: Critical
> Labels: beginner
>
> Hi,
> I am enabling jwt authentication using solr 8.1.1 in standalone mode. below is my security.json file.
> {code:java}
> {{ "authentication":{ "blockUnknown": true, "class":"solr.JWTAuthPlugin", "jwk":{ "kty":"oct", "use":"sig", "kid":"k1", "k":"8347834radajklajdlkajskdjaskldjkasljdklasjdklaskdjaslkdjklasjdlkasjkldaskldjlkasdasjdlkasjdlkdsl", "alg":"HS256"}, "aud":"solr"}, "authorization":{ "class":"solr.RuleBasedAuthorizationPlugin", "permissions":[ { "name":"all", "path":"/*", "role":"admin" } ], "user-role":{ "solr":"admin" } }}
> {code}
> as you can see in above code, blockunknown parameter is enabled because of that my solr admin/info/system api is not authenticated.
> I've read in 8.1.1 documentation as blockunknown parameter block unknown request. so that, my admin/info/system api causing problem. I need an urgent help!
>
> Really appreciate if someone can give me a quick solution.
>
> Thanks
> Laksh Gupta
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@lucene.apache.org
For additional commands, e-mail: issues-help@lucene.apache.org