[
https://issues.apache.org/jira/browse/SOLR-7274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14492567#comment-14492567
]
Ishan Chattopadhyaya edited comment on SOLR-7274 at 4/14/15 10:31 AM:
----------------------------------------------------------------------
Thanks [~anshumg] for your review!
bq. This change I assume is also just for the purpose of testing/dev, right?
Oh yes, and it was very helpful. But, I've removed it from the next patch.
bq. About forwarding of requests, do you think we could borrow the code to send
a repeatable request beforehand in case of POST/PUT? Or does it make sense to
fix SOLR-6625 ?
POST/PUT requests are implementations of HttpEntityEnclosingRequestBase, and in
this patch, I've wrapped such entities inside a BufferedHttpEntity (in
Krb5HttpClientConfigurer) to take care of repeatable requests.
bq. Most importantly, unless I'm missing out on something, are you propagating
the userPrincipal out of the plugin and back to Solr?
The plugin should set the user principal to the request so that
req.getUserPrincipal() returns a javax.security.Principal object. The way this
can be done is to use a HttpServletRequestWrapper in the plugin. Would you
instead prefer that we use an internal solr header / parameter for passing
along the user principal?
was (Author: ichattopadhyaya):
Thanks [~anshumg] for your review!
bq. This change I assume is also just for the purpose of testing/dev, right?
Oh yes, and it was very helpful. But, I've removed it from the next patch.
bq. About forwarding of requests, do you think we could borrow the code to send
a repeatable request beforehand in case of POST/PUT? Or does it make sense to
fix SOLR-6625 ?
I think that dealing with SOLR-6625 is important for this, and feel that it
should be tackled there itself.
bq. Most importantly, unless I'm missing out on something, are you propagating
the userPrincipal out of the plugin and back to Solr?
The plugin should set the user principal to the request so that
req.getUserPrincipal() returns a javax.security.Principal object. The way this
can be done is to use a HttpServletRequestWrapper in the plugin. Would you
instead prefer that we use an internal solr header / parameter for passing
along the user principal?
> Pluggable authentication module in Solr
> ---------------------------------------
>
> Key: SOLR-7274
> URL: https://issues.apache.org/jira/browse/SOLR-7274
> Project: Solr
> Issue Type: Sub-task
> Reporter: Anshum Gupta
> Attachments: SOLR-7274.patch, SOLR-7274.patch, SOLR-7274.patch
>
>
> It would be good to have Solr support different authentication protocols.
> To begin with, it'd be good to have support for kerberos and basic auth.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
