[ https://issues.apache.org/jira/browse/SOLR-10699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16015587#comment-16015587
]
Jan Høydahl commented on SOLR-10699:
------------------------------------
I think the way to approach user friendliness for security is much more about tooling such
as SOLR-8440 as well as API and UI support. Most users want to run a command {{solr auth enable}}
or to click a button in UI. More advanced users will talk to our security REST api {{set-permission}}
etc. Developers and advanced users may craft their own security.json but I don't think those
users are annoyed by the class param, rather the opposite, they expect it.?
> make it optional to specify authorization plugin class name
> -----------------------------------------------------------
>
> Key: SOLR-10699
> URL: https://issues.apache.org/jira/browse/SOLR-10699
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: security
> Reporter: Noble Paul
> Assignee: Noble Paul
>
> It is unlikely that users specify anything other than {{"class":"solr.RuleBasedAuthorizationPlugin"}}
for authorization. So , if nothing is specified we should take the default as {{solr.RuleBasedAuthorizationPlugin}}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org
|