[ https://issues.apache.org/jira/browse/SOLR-7692?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Noble Paul updated SOLR-7692: ----------------------------- Description: This involves various components h2. Authentication A basic auth based authentication filter. This should retrieve the user credentials from ZK. The user name and sha1 hash of password should be stored in ZK sample authentication json {code:javascript} { "authentication":{ "class": "solr.BasicAuthPlugin", "users" :{ "john" :"09fljnklnoiuy98 buygujkjnlk", "david":"f678njfgfjnklno iuy9865ty", "pete": "87ykjnklndfhjh8 98uyiy98", } } } {code} h2. authorization plugin This would store the roles of various users and their privileges in ZK sample authorization.json {code:javascript} { "authorization": { "class": "solr.ZKAuthorization", "roles" :{ "admin" : ["john"] "guest" : ["john", "david","pete"] } "permissions": { "collection-edit": { "role": "admin" }, "coreadmin":{ "role":"admin" }, "config-edit": { //all collections "role": "admin", "method":"POST" }, "schema-edit": { "roles": "admin", "method":"POST" }, "update": { //all collections "role": "dev" }, "mycoll_update": { "collection": "mycoll", "path":["/update/*"], "role": ["somebody"] } } } } {code} We will also need to provide APIs to create users and assign them roles was: This involves various components h2. Authentication A basic auth based authentication filter. This should retrieve the user credentials from ZK. The user name and sha1 hash of password should be stored in ZK sample authentication json {code:javascript} { "authentication":{ "class": "solr.BasicAuth", "users" :{ "john" :{09fljnklnoiuy98 buygujkjnlk", "david":"f678njfgfjnklno iuy9865ty", "pete": "87ykjnklndfhjh8 98uyiy98", } } } {code} h2. authorization plugin This would store the roles of various users and their privileges in ZK sample authorization.json {code:javascript} { "authorization": { "class": "solr.ZKAuthorization", "roles" :{ "admin" : ["john"] "guest" : ["john", "david","pete"] } "permissions": { "collectionadmin": { "roles": ["admin"] }, "coreadmin":{ "roles":["admin"] }, "config-api": { //all collections "roles": ["admin"] }, "schema-api": { "roles": ["admin"] }, "update": { //all collections "roles": null }, "query":{ "roles":null }, "mycoll_update": { "collection": "mycoll", "path":["/update/*"], "roles": ["somebody"]//create a dir called /keys/somebody and put in usr.pwd files } } } } {code} We will also need to provide APIs to create users and assign them roles > Implement BasicAuth based impl for the new Authentication/Authorization APIs > ---------------------------------------------------------------------------- > > Key: SOLR-7692 > URL: https://issues.apache.org/jira/browse/SOLR-7692 > Project: Solr > Issue Type: New Feature > Reporter: Noble Paul > Assignee: Noble Paul > Attachments: SOLR-7692.patch > > > This involves various components > h2. Authentication > A basic auth based authentication filter. This should retrieve the user > credentials from ZK. The user name and sha1 hash of password should be > stored in ZK > sample authentication json > {code:javascript} > { > "authentication":{ > "class": "solr.BasicAuthPlugin", > "users" :{ > "john" :"09fljnklnoiuy98 buygujkjnlk", > "david":"f678njfgfjnklno iuy9865ty", > "pete": "87ykjnklndfhjh8 98uyiy98", > } > } > } > {code} > h2. authorization plugin > This would store the roles of various users and their privileges in ZK > sample authorization.json > {code:javascript} > { > "authorization": { > "class": "solr.ZKAuthorization", > "roles" :{ > "admin" : ["john"] > "guest" : ["john", "david","pete"] > } > "permissions": { > "collection-edit": { > "role": "admin" > }, > "coreadmin":{ > "role":"admin" > }, > "config-edit": { > //all collections > "role": "admin", > "method":"POST" > }, > "schema-edit": { > "roles": "admin", > "method":"POST" > }, > "update": { > //all collections > "role": "dev" > }, > "mycoll_update": { > "collection": "mycoll", > "path":["/update/*"], > "role": ["somebody"] > } > } > } > } > {code} > We will also need to provide APIs to create users and assign them roles -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org