Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id C3288200C4D for ; Wed, 5 Apr 2017 14:00:50 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id BF24A160B94; Wed, 5 Apr 2017 12:00:50 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 09662160B91 for ; Wed, 5 Apr 2017 14:00:49 +0200 (CEST) Received: (qmail 22513 invoked by uid 500); 5 Apr 2017 12:00:49 -0000 Mailing-List: contact dev-help@manifoldcf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@manifoldcf.apache.org Delivered-To: mailing list dev@manifoldcf.apache.org Received: (qmail 22501 invoked by uid 99); 5 Apr 2017 12:00:49 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 05 Apr 2017 12:00:49 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id AA30DC278B for ; Wed, 5 Apr 2017 12:00:48 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -99.202 X-Spam-Level: X-Spam-Status: No, score=-99.202 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id Jy_h7yhOg49I for ; Wed, 5 Apr 2017 12:00:48 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 859155FB62 for ; Wed, 5 Apr 2017 12:00:47 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 74789E0D34 for ; Wed, 5 Apr 2017 12:00:46 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id AAA2324023 for ; Wed, 5 Apr 2017 12:00:45 +0000 (UTC) Date: Wed, 5 Apr 2017 12:00:45 +0000 (UTC) From: "Karl Wright (JIRA)" To: dev@manifoldcf.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (CONNECTORS-1286) Solr Plugin: Add support for User Principal MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Wed, 05 Apr 2017 12:00:50 -0000 [ https://issues.apache.org/jira/browse/CONNECTORS-1286?page=3Dcom.atla= ssian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId= =3D15956727#comment-15956727 ]=20 Karl Wright commented on CONNECTORS-1286: ----------------------------------------- Didn't make it again this time; too much else going on. My suggestion is to tackle this problem early on in the 2.8 dev cycle. > Solr Plugin: Add support for User Principal > ------------------------------------------- > > Key: CONNECTORS-1286 > URL: https://issues.apache.org/jira/browse/CONNECTORS-128= 6 > Project: ManifoldCF > Issue Type: Improvement > Components: Solr 6.x component > Affects Versions: ManifoldCF 2.3 > Reporter: Konrad Holl > Assignee: Karl Wright > Priority: Minor > Fix For: ManifoldCF 2.7 > > > I=E2=80=99m using ManifoldCF 2.3 with Solr 5.4.1 and the Velocity templat= ing engine. I needed to do searches with ACLs enabled and installed the plu= gin. Unfortunately it is not possible to use the login information provided= by Jetty in the Solr plugin. > As of Solr 5.3 it is possible to extract the authenticated user from the = SolrQueryRequest object: http://lucene.apache.org/solr/5_3_0/solr-core/org/= apache/solr/request/SolrQueryRequest.html#getUserPrincipal(). I added these= lines to the code in org.apache.solr.mcf.ManifoldCFSearchComponent before = the evaluation of parameters for authenticated user name: > {code} > String authDomain =3D (String)args.get("AuthDomain"); > if (rb.req.getUserPrincipal() !=3D null) { > domainMap.put("", rb.req.getUserPrincipal().getName() + (= (authDomain =3D=3D null) ? "" : "@" + authDomain)); > } > else { > // Get the authenticated user name from the parameters > {code} > I also needed an additional setting =E2=80=9CauthDomain=E2=80=9D in the s= earch component configuration (solrconfig.xml). Now I can use Velocity even= for documents with ACLs :o) -- This message was sent by Atlassian JIRA (v6.3.15#6346)