[ https://issues.apache.org/jira/browse/SOLR-9702?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15618844#comment-15618844 ]
Hrishikesh Gadre commented on SOLR-9702: ---------------------------------------- bq. which in turn would open up the possibility to use a whole range of auth services (in particular LDAP servers). I recently contributed LDAP authentication support in hadoop authentication framework (HADOOP-12082). SOLR-9513 is tracking the changes required to expose this functionality in Solr. May be you can use that ? > Authentication & Authorization based on Jetty security > ------------------------------------------------------ > > Key: SOLR-9702 > URL: https://issues.apache.org/jira/browse/SOLR-9702 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Components: security > Affects Versions: 6.2.1 > Reporter: Thomas Quinot > > (following up on comments initially posted on SOLR-7275). > Back in Solr 4 days, user authentication could be handled by Jetty, and some > level of authorization could be implemented using request regexp rules. This > was explicitly documented in the SolrSecurity page: > http://wiki.apache.org/solr/SolrSecurity?action=recall&rev=35#Jetty_realm_example > In particular, authentication could thus be performed against a variety of > services implemented in Jetty, such as HashLoginService (mentioned explicitly > in the above documentation, tested in production, does work) or possibly > JAASLoginService, which in turn would open up the possibility to use a whole > range of auth services (in particular LDAP servers). > I see that the usage of Jetty is now "an implementation detail". Does this > mean that the feature listed above is not supported anymore? (This is quite > unfortunate IMO, as even just the HashLoginService would be useful to > authenticate users against a database of UNIX crypt(3) passwords) > The new login services that are apparently being reimplemented in Solr itself > seem to be much less flexible and limited. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org