manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Wright <daddy...@gmail.com>
Subject Re: next step in implementing manifold: user authentication
Date Mon, 18 Feb 2013 14:33:40 GMT
Hi Bert,

Typically the authenticated user name would get passed from
mod-auth-kerb to Tomcat (or whatever the app server is you are running
solr under) as an argument, maybe appended to the url.  It's going to
be up to you to figure out how to do that.  Others may have more
concrete suggestions.

Karl

On Mon, Feb 18, 2013 at 9:28 AM, Bert van Hoesel <bhoesel@scamander.com> wrote:
> Hi Karl,
>
> To be more precise. We are trying to get an 'sightly' customized Blacklight
> fronted to connect to solr via ManifoldCF with authorization (obvious).
> Blacklight is running from within Apache. So that would be a pre for
> mod-auth-kerb. But ManifoldCF is running from within a Tomcat instance. In
> this construct it is still not clear to me how and if this is going to work.
> Technically, I am still missing the link between the login on Apache and the
> authentication / user 'handover' to the Tomcat environment for Manifold.
>
> So if anyone can pitch in to describe their solution. It would be much
> appreciated.
>
> Regards,
>
> Bert.
>
>
> On 02/18/2013 03:09 PM, Karl Wright wrote:
>
> Hi Bert,
>
> Others, I hope, will chime in on this thread and let you know what
> precise solutions they have adopted.  But, in general, the solution
> you use will depend on the environment you intend to run in.  As you
> point out, JAAS authentication is an option, should you be able to
> find an appropriate JAAS plugin that does what you want.  If you want
> to do things via the Apache web server, I'd look at mod-auth-kerb
> rather than mod-authz.  Others, no doubt, have less generic
> suggestions.
>
> Karl
>
> On Mon, Feb 18, 2013 at 9:03 AM, Bert van Hoesel <bhoesel@scamander.com>
> wrote:
>
> Hi,
>
> At the moment for the most part it is clear how to install, configure and
> populate manifoldcd and solr with authorized data. Using the added
> Manifoldcf 'search' url I can see I do not have access to any 'authorized'
> documents. Indeed I only see the non authorized documents.
>
> Thus the next step would be an authentication mechanism on top of this. I
> have been looking 'around' but was not able to find enough pointers on how
> to accomplish this. Two 'obvious' paths seem to be available: JAAS or apache
> mod_authz. But maybe other solutions exists. Most preferable options are
> those with minimal (java) programming.
>
> Biggest issue at the moment is that I can not figure out how authentication
> data is propagated into ManifoldCF.
>
> Can anybody point me to some howtoo's or documentation of some kind on how
> to accomplish this authentication on top of ManifoldCF.
>
> Thanks in advance.
>
> Regards,
>
> Bert.
>
>

Mime
View raw message