manifoldcf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Konrad Holl (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CONNECTORS-1286) Solr Plugin: Add support for User Principal
Date Thu, 31 Mar 2016 07:48:25 GMT

    [ https://issues.apache.org/jira/browse/CONNECTORS-1286?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15219530#comment-15219530
] 

Konrad Holl commented on CONNECTORS-1286:
-----------------------------------------

Actually the old mechanisms still work if no authentication is used - but you're right: If
authentication is not configured correctly for Solr it will do as you describe.

So, an additional switch would make sense. Also, there are two modules which should share
some common code (at the moment there is the same code inside two classes). I suggest to create
a an abstract class as a base for those two containing shared code.

As for the version, the getUserPrincipal method is available since Solr 5.3, so this is something
which needs to be mentioned in README.txt - or maybe a reason for not introducing this feature
at all.

> Solr Plugin: Add support for User Principal
> -------------------------------------------
>
>                 Key: CONNECTORS-1286
>                 URL: https://issues.apache.org/jira/browse/CONNECTORS-1286
>             Project: ManifoldCF
>          Issue Type: Improvement
>          Components: Solr-5.x component
>    Affects Versions: ManifoldCF 2.3
>            Reporter: Konrad Holl
>            Assignee: Karl Wright
>            Priority: Minor
>             Fix For: ManifoldCF 2.4
>
>
> I’m using ManifoldCF 2.3 with Solr 5.4.1 and the Velocity templating engine. I needed
to do searches with ACLs enabled and installed the plugin. Unfortunately it is not possible
to use the login information provided by Jetty in the Solr plugin.
> As of Solr 5.3 it is possible to extract the authenticated user from the SolrQueryRequest
object: http://lucene.apache.org/solr/5_3_0/solr-core/org/apache/solr/request/SolrQueryRequest.html#getUserPrincipal().
I added these lines to the code in org.apache.solr.mcf.ManifoldCFSearchComponent before the
evaluation of parameters for authenticated user name:
> {code}
>     String authDomain = (String)args.get("AuthDomain");
>     if (rb.req.getUserPrincipal() != null) {
>                 domainMap.put("", rb.req.getUserPrincipal().getName() + ((authDomain
== null) ? "" : "@" + authDomain));
>     }
>     else {
>       // Get the authenticated user name from the parameters
> {code}
> I also needed an additional setting “authDomain” in the search component configuration
(solrconfig.xml). Now I can use Velocity even for documents with ACLs :o)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message