lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Noble Paul (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SOLR-7692) Implement BasicAuth based impl for the new Authentication/Authorization APIs
Date Wed, 05 Aug 2015 11:09:05 GMT

     [ https://issues.apache.org/jira/browse/SOLR-7692?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Noble Paul updated SOLR-7692:
-----------------------------
    Priority: Blocker  (was: Major)

> Implement BasicAuth based impl for the new Authentication/Authorization APIs
> ----------------------------------------------------------------------------
>
>                 Key: SOLR-7692
>                 URL: https://issues.apache.org/jira/browse/SOLR-7692
>             Project: Solr
>          Issue Type: New Feature
>            Reporter: Noble Paul
>            Assignee: Noble Paul
>            Priority: Blocker
>             Fix For: 5.3
>
>         Attachments: SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch,
SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch,
SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, SOLR-7757.patch,
SOLR-7757.patch, SOLR-7757.patch
>
>
> This involves various components
> h2. Authentication
> A basic auth based authentication filter. This should retrieve the user credentials from
ZK.  The user name and sha1 hash of password should be stored in ZK
> sample authentication json 
> {code:javascript}
> {
>   "authentication":{
>     "class": "solr.BasicAuthPlugin",
>     "users" :{
>       "john" :"09fljnklnoiuy98 buygujkjnlk",
>       "david":"f678njfgfjnklno iuy9865ty",
>       "pete": "87ykjnklndfhjh8 98uyiy98",
>        }
>   }
> }
> {code}
> h2. authorization plugin
> This would store the roles of various users and their privileges in ZK
> sample authorization.json
> {code:javascript}
> {
>   "authorization": {
>     "class": "solr.ZKAuthorization",
>    "roles" :{
>   "admin" : ["john"]
>   "guest" : ["john", "david","pete"]
>    }
>     "permissions": {
>        "collection-edit": {
>          "role": "admin" 
>        },
>        "coreadmin":{
>          "role":"admin"
>        },
>        "config-edit": {
>          //all collections
>          "role": "admin",
>          "method":"POST"
>        },
>        "schema-edit": {
>          "roles": "admin",
>          "method":"POST"
>        },
>        "update": {
>          //all collections
>          "role": "dev"
>        },
>       "mycoll_update": {
>         "collection": "mycoll",
>         "path":["/update/*"],
>         "role": ["somebody"]
>       }
>     }
>   }
> }
> {code} 
> We will also need to provide APIs to create users and assign them roles



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message