[jira] [Commented] (SOLR-7896) Add a login page for Solr Administrative Interface

Mon, 10 Dec 2018 00:48:14 -0800 


    [ 
https://issues.apache.org/jira/browse/SOLR-7896?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16714434#comment-16714434
 ] 

Jan Høydahl commented on SOLR-7896:
-----------------------------------

[Pull Request #465|https://github.com/apache/lucene-solr/pull/465] is updated 
again. Changes include
 * Hide menus when displaying login screen after a 401, since the UI would not 
know if we're in cloud or m/s mode
 * Moved interceptor code into existing httpInterceptor
 * Fixed some bugs in login.js and better messages output in login.html

I think I'm done with this part now. *Plan to commit on Wednesday*. Would 
appreciate some more feedback though [~gus_heck], [~elyograg], [~shalinmangar]. 
I have added some comments myself to the GitHub PR and you're free to add your 
own. The graphical design is terrible but that's what you get when a backend 
guy touches CSS :) 

!login-screen-2.png|width=800!

> Add a login page for Solr Administrative Interface
> --------------------------------------------------
>
>                 Key: SOLR-7896
>                 URL: https://issues.apache.org/jira/browse/SOLR-7896
>             Project: Solr
>          Issue Type: New Feature
>          Components: Admin UI, Authentication, security
>    Affects Versions: 5.2.1
>            Reporter: Aaron Greenspan
>            Assignee: Jan Høydahl
>            Priority: Major
>              Labels: authentication, login, password
>             Fix For: master (8.0)
>
>         Attachments: dispatchfilter-code.png, login-page.png, 
> login-screen-2.png, logout.png, unknown_scheme.png
>
>          Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> Now that Solr supports Authentication plugins, the missing piece is to be 
> allowed access from Admin UI when authentication is enabled. For this we need
>  * Some plumbing in Admin UI that allows the UI to detect 401 responses and 
> redirect to login page
>  * Possibility to have multiple login pages depending on auth method and 
> redirect to the correct one
>  * [AngularJS HTTP 
> interceptors|https://docs.angularjs.org/api/ng/service/$http#interceptors] to 
> add correct HTTP headers on all requests when user is logged in
> This issue should aim to implement some of the plumbing mentioned above, and 
> make it work with Basic Auth.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to