You are viewing a plain text version of this content. The canonical link for it is here.
Posted to solr-user@lucene.apache.org by "Rathor, Piyush (US - Philadelphia)" <pr...@DELOITTE.com> on 2018/08/24 19:28:01 UTC
Authorization Non- Admin user - SOLR
Hi Team,
We are implementing Authorization in SOLR version 7.3.0. We are able to create non-admin user but the user still has admin access (access to core, access to create fields).
Can you please let us know how can we remove access to core, access to create fields from non-admin user using Authorization.
Also can you please let me know where can I check latest updates on the issue.
Thanks & Regards
Piyush Rathor
Consultant
This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and any disclosure, copying, or distribution of this message, or the taking of any action based on it, by you is strictly prohibited.
v.E.1
RE: Authorization Non- Admin user - SOLR
Posted by "Rathor, Piyush (US - Philadelphia)" <pr...@DELOITTE.com>.
Please find attached below :
----------------------------------------------
{
"authentication":{
"blockUnknown":true,
"class":"solr.BasicAuthPlugin",
"credentials":{
"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=",
"tom":"a5fzuaXihDcKzl2W8Q26NtPlyhQL2gKxsOThYUfa9/U= 23iTm91z9aGXGcdjSJAMUnLoVglY40J8GGEE5jt+Gsg="},
"":{"v":0}},
"authorization":{
"class":"solr.RuleBasedAuthorizationPlugin",
"permissions":[
{
"name":"security-edit",
"role":"admin",
"index":1},
{
"name":"collection-mgr",
"path":"/person/update",
"params":{"action":"CREATE"},
"role":"xz",
"index":2},
{
"name":"update",
"role":"dev",
"index":3}],
"user-role":{
"solr":[
"admin",
"dev"],
"harry":"dev",
"tom":"xz"},
"":{"v":0}}}
---------------------------------------------------
Thanks
Piyush
________________________________
From: Jan Høydahl <ja...@cominvent.com>
Sent: 27 August 2018 12:52
To: solr-user@lucene.apache.org
Subject: [EXT] Re: Authorization Non- Admin user - SOLR
Hi,
The mailing list does not accept attachments, please copy/paste or use a file sharing service.
--
Jan Høydahl, search solution architect
Cominvent AS - www.cominvent.com<http://www.cominvent.com>
> 27. aug. 2018 kl. 05:05 skrev Rathor, Piyush (US - Philadelphia) <pr...@DELOITTE.com>:
>
> Hi Jan,
>
> Please find attached security.json file.
> Please let me know if you need anything else.
>
> Thanks & Regards
> Piyush Rathor
> Consultant
> Please consider the environment before printing.
>
> -----Original Message-----
> From: Jan Høydahl <ja...@cominvent.com>
> Sent: Friday, August 24, 2018 7:45 PM
> To: solr-user@lucene.apache.org
> Subject: [EXT] Re: Authorization Non- Admin user - SOLR
>
> Please share your security.json for us to be able to tell whether you configured something wrong
>
> --
> Jan Høydahl, search solution architect
> Cominvent AS - www.cominvent.com<http://www.cominvent.com>
>
>> 24. aug. 2018 kl. 21:28 skrev Rathor, Piyush (US - Philadelphia) <pr...@DELOITTE.com>:
>>
>> Hi Team,
>>
>> We are implementing Authorization in SOLR version 7.3.0. We are able to create non-admin user but the user still has admin access (access to core, access to create fields).
>> Can you please let us know how can we remove access to core, access to create fields from non-admin user using Authorization.
>>
>> Also can you please let me know where can I check latest updates on the issue.
>>
>> Thanks & Regards
>> Piyush Rathor
>> Consultant
>>
>> This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and any disclosure, copying, or distribution of this message, or the taking of any action based on it, by you is strictly prohibited.
>>
>> v.E.1
>
Re: Authorization Non- Admin user - SOLR
Posted by Jan Høydahl <ja...@cominvent.com>.
Hi,
The mailing list does not accept attachments, please copy/paste or use a file sharing service.
--
Jan Høydahl, search solution architect
Cominvent AS - www.cominvent.com
> 27. aug. 2018 kl. 05:05 skrev Rathor, Piyush (US - Philadelphia) <pr...@DELOITTE.com>:
>
> Hi Jan,
>
> Please find attached security.json file.
> Please let me know if you need anything else.
>
> Thanks & Regards
> Piyush Rathor
> Consultant
> Please consider the environment before printing.
>
> -----Original Message-----
> From: Jan Høydahl <ja...@cominvent.com>
> Sent: Friday, August 24, 2018 7:45 PM
> To: solr-user@lucene.apache.org
> Subject: [EXT] Re: Authorization Non- Admin user - SOLR
>
> Please share your security.json for us to be able to tell whether you configured something wrong
>
> --
> Jan Høydahl, search solution architect
> Cominvent AS - www.cominvent.com
>
>> 24. aug. 2018 kl. 21:28 skrev Rathor, Piyush (US - Philadelphia) <pr...@DELOITTE.com>:
>>
>> Hi Team,
>>
>> We are implementing Authorization in SOLR version 7.3.0. We are able to create non-admin user but the user still has admin access (access to core, access to create fields).
>> Can you please let us know how can we remove access to core, access to create fields from non-admin user using Authorization.
>>
>> Also can you please let me know where can I check latest updates on the issue.
>>
>> Thanks & Regards
>> Piyush Rathor
>> Consultant
>>
>> This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and any disclosure, copying, or distribution of this message, or the taking of any action based on it, by you is strictly prohibited.
>>
>> v.E.1
>
RE: Authorization Non- Admin user - SOLR
Posted by "Rathor, Piyush (US - Philadelphia)" <pr...@DELOITTE.com>.
Hi Jan,
Please find attached security.json file.
Please let me know if you need anything else.
Thanks & Regards
Piyush Rathor
Consultant
Please consider the environment before printing.
-----Original Message-----
From: Jan Høydahl <ja...@cominvent.com>
Sent: Friday, August 24, 2018 7:45 PM
To: solr-user@lucene.apache.org
Subject: [EXT] Re: Authorization Non- Admin user - SOLR
Please share your security.json for us to be able to tell whether you configured something wrong
--
Jan Høydahl, search solution architect
Cominvent AS - www.cominvent.com
> 24. aug. 2018 kl. 21:28 skrev Rathor, Piyush (US - Philadelphia) <pr...@DELOITTE.com>:
>
> Hi Team,
>
> We are implementing Authorization in SOLR version 7.3.0. We are able to create non-admin user but the user still has admin access (access to core, access to create fields).
> Can you please let us know how can we remove access to core, access to create fields from non-admin user using Authorization.
>
> Also can you please let me know where can I check latest updates on the issue.
>
> Thanks & Regards
> Piyush Rathor
> Consultant
>
> This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and any disclosure, copying, or distribution of this message, or the taking of any action based on it, by you is strictly prohibited.
>
> v.E.1
Re: Authorization Non- Admin user - SOLR
Posted by Jan Høydahl <ja...@cominvent.com>.
Please share your security.json for us to be able to tell whether you configured something wrong
--
Jan Høydahl, search solution architect
Cominvent AS - www.cominvent.com
> 24. aug. 2018 kl. 21:28 skrev Rathor, Piyush (US - Philadelphia) <pr...@DELOITTE.com>:
>
> Hi Team,
>
> We are implementing Authorization in SOLR version 7.3.0. We are able to create non-admin user but the user still has admin access (access to core, access to create fields).
> Can you please let us know how can we remove access to core, access to create fields from non-admin user using Authorization.
>
> Also can you please let me know where can I check latest updates on the issue.
>
> Thanks & Regards
> Piyush Rathor
> Consultant
>
> This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and any disclosure, copying, or distribution of this message, or the taking of any action based on it, by you is strictly prohibited.
>
> v.E.1