[jira] [Commented] (SOLR-7692) Implement BasicAuth based impl for the new Authentication/Authorization APIs

Mon, 27 Jul 2015 14:00:30 -0700 

    [ 
https://issues.apache.org/jira/browse/SOLR-7692?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14643380#comment-14643380
 ] 

Anshum Gupta commented on SOLR-7692:
------------------------------------

I'm getting the following compilation error on applying SOLR-7757.patch 
independently so breaking up wouldn't make sense unless at least one of them 
can compile/runs independently. Once that happens, it'd make sense for the 
second patch to depend on the first.

> Implement BasicAuth based impl for the new Authentication/Authorization APIs
> ----------------------------------------------------------------------------
>
>                 Key: SOLR-7692
>                 URL: https://issues.apache.org/jira/browse/SOLR-7692
>             Project: Solr
>          Issue Type: New Feature
>            Reporter: Noble Paul
>            Assignee: Noble Paul
>         Attachments: SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, 
> SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, 
> SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, SOLR-7692.patch, 
> SOLR-7757.patch
>
>
> This involves various components
> h2. Authentication
> A basic auth based authentication filter. This should retrieve the user 
> credentials from ZK.  The user name and sha1 hash of password should be 
> stored in ZK
> sample authentication json 
> {code:javascript}
> {
>   "authentication":{
>     "class": "solr.BasicAuthPlugin",
>     "users" :{
>       "john" :"09fljnklnoiuy98 buygujkjnlk",
>       "david":"f678njfgfjnklno iuy9865ty",
>       "pete": "87ykjnklndfhjh8 98uyiy98",
>        }
>   }
> }
> {code}
> h2. authorization plugin
> This would store the roles of various users and their privileges in ZK
> sample authorization.json
> {code:javascript}
> {
>   "authorization": {
>     "class": "solr.ZKAuthorization",
>    "roles" :{
>   "admin" : ["john"]
>   "guest" : ["john", "david","pete"]
>    }
>     "permissions": {
>        "collection-edit": {
>          "role": "admin" 
>        },
>        "coreadmin":{
>          "role":"admin"
>        },
>        "config-edit": {
>          //all collections
>          "role": "admin",
>          "method":"POST"
>        },
>        "schema-edit": {
>          "roles": "admin",
>          "method":"POST"
>        },
>        "update": {
>          //all collections
>          "role": "dev"
>        },
>       "mycoll_update": {
>         "collection": "mycoll",
>         "path":["/update/*"],
>         "role": ["somebody"]
>       }
>     }
>   }
> }
> {code} 
> We will also need to provide APIs to create users and assign them roles



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to