[ https://issues.apache.org/jira/browse/SOLR-7230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14358367#comment-14358367 ]
Noble Paul commented on SOLR-7230: ---------------------------------- bq.This issue lacks a lot of context and high level end user focus. Yes, you are right and it is done on purpose. This issue is targeted at developers of actual security implementations bq.I think time may be ripe for adding security and user login to stock Solr I'm not sure if we should dilute our efforts by littering Solr source code with users and credentials . It can be a heavy distraction . I believe that security can be orthogonal to what we do other wise. Trying to provide a fast, super scalable , reliable search system. bq.What is your concrete use case that triggered this Jira, Noble? We have customers asking for integrating with their preferred authentication/authorization mechanism. At the same time, I don't want it to preempt any alternate implementations which some other customers want. Believe me, enterprise is a crazy heterogenous place with numerous different security practices. We may not be able to satisfy everyone and at the same time. Hence, there is a need for a implementation agnostic approach . > An API to plugin security into Solr > ----------------------------------- > > Key: SOLR-7230 > URL: https://issues.apache.org/jira/browse/SOLR-7230 > Project: Solr > Issue Type: New Feature > Reporter: Noble Paul > > The objective is to define a API that a plugin can implement to protect > various operations performed on Solr. It may have various implementations . > Some built in and some external. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org