manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Wright <daddy...@gmail.com>
Subject Re: next step in implementing manifold: user authentication
Date Mon, 18 Feb 2013 15:01:44 GMT
Do you mean, what URL argument does the Apache Solr 4.x Plugin expect
to see the authenticated user ID?  I would have thought you'd already
need that to confirm that everything works.  But in case you didn't
find it anywhere, it's "AuthenticatedUserName".

Karl

On Mon, Feb 18, 2013 at 9:51 AM, Bert van Hoesel <bhoesel@scamander.com> wrote:
> Hi Karl,
>
> The construct this way is clear. I hoped it would be more 'transparent' to
> the underlying processes.
>
> The next question that raises is: what is the (environment) variable name
> that ManifoldCF is expecting the authenticated username in? This is for me
> the 'missing' link in the setup. I have no clue what (as an example) to
> 'append' to the url to convey the username to ManifoldCF. Or is this
> configurable? If so where can I find it. As So far it has escaped my
> attention.
>
> Regards,
>
> Bert.
>
> On 02/18/2013 03:33 PM, Karl Wright wrote:
>
> Hi Bert,
>
> Typically the authenticated user name would get passed from
> mod-auth-kerb to Tomcat (or whatever the app server is you are running
> solr under) as an argument, maybe appended to the url.  It's going to
> be up to you to figure out how to do that.  Others may have more
> concrete suggestions.
>
> Karl
>
> On Mon, Feb 18, 2013 at 9:28 AM, Bert van Hoesel <bhoesel@scamander.com>
> wrote:
>
> Hi Karl,
>
> To be more precise. We are trying to get an 'sightly' customized Blacklight
> fronted to connect to solr via ManifoldCF with authorization (obvious).
> Blacklight is running from within Apache. So that would be a pre for
> mod-auth-kerb. But ManifoldCF is running from within a Tomcat instance. In
> this construct it is still not clear to me how and if this is going to work.
> Technically, I am still missing the link between the login on Apache and the
> authentication / user 'handover' to the Tomcat environment for Manifold.
>
> So if anyone can pitch in to describe their solution. It would be much
> appreciated.
>
> Regards,
>
> Bert.
>
>
> On 02/18/2013 03:09 PM, Karl Wright wrote:
>
> Hi Bert,
>
> Others, I hope, will chime in on this thread and let you know what
> precise solutions they have adopted.  But, in general, the solution
> you use will depend on the environment you intend to run in.  As you
> point out, JAAS authentication is an option, should you be able to
> find an appropriate JAAS plugin that does what you want.  If you want
> to do things via the Apache web server, I'd look at mod-auth-kerb
> rather than mod-authz.  Others, no doubt, have less generic
> suggestions.
>
> Karl
>
> On Mon, Feb 18, 2013 at 9:03 AM, Bert van Hoesel <bhoesel@scamander.com>
> wrote:
>
> Hi,
>
> At the moment for the most part it is clear how to install, configure and
> populate manifoldcd and solr with authorized data. Using the added
> Manifoldcf 'search' url I can see I do not have access to any 'authorized'
> documents. Indeed I only see the non authorized documents.
>
> Thus the next step would be an authentication mechanism on top of this. I
> have been looking 'around' but was not able to find enough pointers on how
> to accomplish this. Two 'obvious' paths seem to be available: JAAS or apache
> mod_authz. But maybe other solutions exists. Most preferable options are
> those with minimal (java) programming.
>
> Biggest issue at the moment is that I can not figure out how authentication
> data is propagated into ManifoldCF.
>
> Can anybody point me to some howtoo's or documentation of some kind on how
> to accomplish this authentication on top of ManifoldCF.
>
> Thanks in advance.
>
> Regards,
>
> Bert.
>
>
>

Mime
View raw message