You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "David Eric Pugh (Jira)" <ji...@apache.org> on 2021/08/25 11:56:00 UTC
[jira] [Assigned] (SOLR-15296) Provide allowlisting mechanism in
the JWT auth plugin to ignore paths like login
[ https://issues.apache.org/jira/browse/SOLR-15296?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Eric Pugh reassigned SOLR-15296:
--------------------------------------
Assignee: David Eric Pugh
> Provide allowlisting mechanism in the JWT auth plugin to ignore paths like login
> --------------------------------------------------------------------------------
>
> Key: SOLR-15296
> URL: https://issues.apache.org/jira/browse/SOLR-15296
> Project: Solr
> Issue Type: Wish
> Components: Authorization, Plugin system
> Reporter: Zhenxu Ke
> Assignee: David Eric Pugh
> Priority: Major
>
> I'm recently working (with [~epugh] ) on YASA to make it work under the auth plugins.
>
> I saw in the codes that the authenticator allowlists the Admin login path `{{/solr/` explicitly}}, while for YASA, its path must start with `{{/v2`}} , not matching the whitelisted paths and will be intercepted, hence the login page won't be reached and redirected, I also didn't find a allowlisting mechanism in the JWT auth plugin, and [RBAP|https://nightlies.apache.org/Solr/Solr-reference-guide-main/rule-based-authorization-plugin.html] doesn't seem to fit this case either. So I'm wondering if it's possible to provide allowlisting mechanism in the JWT auth plugin, so that users can configure the login paths for plugins like YASA to work?
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org