lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Høydahl (JIRA) <>
Subject [jira] [Commented] (SOLR-10699) make it optional to specify authorization plugin class name
Date Thu, 18 May 2017 11:09:04 GMT


Jan Høydahl commented on SOLR-10699:

I think the way to approach user friendliness for security is much more about tooling such
as SOLR-8440 as well as API and UI support. Most users want to run a command {{solr auth enable}}
or to click a button in UI. More advanced users will talk to our security REST api {{set-permission}}
etc. Developers and advanced users may craft their own security.json but I don't think those
users are annoyed by the class param, rather the opposite, they expect it.?

> make it optional to specify authorization plugin class name
> -----------------------------------------------------------
>                 Key: SOLR-10699
>                 URL:
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: security
>            Reporter: Noble Paul
>            Assignee: Noble Paul
> It is unlikely that users specify anything other than  {{"class":"solr.RuleBasedAuthorizationPlugin"}}
for authorization. So , if nothing is specified we should take the default as {{solr.RuleBasedAuthorizationPlugin}}

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message