[
https://issues.apache.org/jira/browse/SOLR-7896?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16734209#comment-16734209
]
Cassandra Targett edited comment on SOLR-7896 at 1/4/19 2:49 PM:
-----------------------------------------------------------------
bq. If the user opens a page or attempts an action that requires
authentication, then the login screen is presented with a message from whatever
Auth plugin is active. I guess this will look like a dead end, as the only menu
option will be "Login" at this point. But opening a new browser tab will bring
back the full UI. But opening a new browser tab will bring back the full UI.
I'm confused about the last sentence there. I don't quite understand how
opening a new browser tab bypasses the login screen?
I know, I should try it and see for myself, but I have a long list of other
things vying for my time.
was (Author: ctargett):
bq. If the user opens a page or attempts an action that requires
authentication, then the login screen is presented with a message from whatever
Auth plugin is active. I guess this will look like a dead end, as the only menu
option will be "Login" at this point. But opening a new browser tab will bring
back the full UI. But opening a new browser tab will bring back the full UI.
I'm confused about the last sentence there. I don't quite understand how
opening a new browser tab bypasses the login screen?
> Add a login page for Solr Administrative Interface
> --------------------------------------------------
>
> Key: SOLR-7896
> URL: https://issues.apache.org/jira/browse/SOLR-7896
> Project: Solr
> Issue Type: New Feature
> Components: Admin UI, Authentication, security
> Affects Versions: 5.2.1
> Reporter: Aaron Greenspan
> Assignee: Jan Høydahl
> Priority: Major
> Labels: authentication, login, password
> Fix For: master (8.0), 7.7
>
> Attachments: dispatchfilter-code.png, login-page.png,
> login-screen-2.png, logout.png, unknown_scheme.png
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> Now that Solr supports Authentication plugins, the missing piece is to be
> allowed access from Admin UI when authentication is enabled. For this we need
> * Some plumbing in Admin UI that allows the UI to detect 401 responses and
> redirect to login page
> * Possibility to have multiple login pages depending on auth method and
> redirect to the correct one
> * [AngularJS HTTP
> interceptors|https://docs.angularjs.org/api/ng/service/$http#interceptors] to
> add correct HTTP headers on all requests when user is logged in
> This issue should aim to implement some of the plumbing mentioned above, and
> make it work with Basic Auth.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
