[ https://issues.apache.org/jira/browse/SOLR-12666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16912135#comment-16912135 ]
Noble Paul commented on SOLR-12666: ----------------------------------- In principle +1 to multiple auth plugins. Let's assume that people may have a max of 2 -3 auth plugins and , 99% of the people are likely to use only one. The following should be fine {code:js} { "authentication":{ "class":"solr.BasicAuthPlugin", "credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="} }, authentication2 : {}, authentication3:{}, "authorization":{} } {code} > Support multiple AuthenticationPlugin's simultaneoulsy > ------------------------------------------------------ > > Key: SOLR-12666 > URL: https://issues.apache.org/jira/browse/SOLR-12666 > Project: Solr > Issue Type: New Feature > Components: Authentication, security > Reporter: Jan Høydahl > Priority: Major > Labels: authentication > > Solr is getting support for more authentication plugins year by year, and > customers have developed their own in-house plugins as well. > At the same time we see more and more JIRAs to add *BasicAuth* support for > various clients and use cases, such as SOLR-12584 (Solr Exporter), SOLR-9779 > (Streaming expressions), SOLR-11356 (ConcurrentUpdateSolrClient), SOLR-8213 > (JDBC), SOLR-12583 (Subquery docTransformer) and SOLR-10322 (Streaming > expression daemon), SOLR-12860 (metrics history), SOLR-11759 > (DocExpirationUpdateProcessor), SOLR-11959 (CDCR), SOLR-12359 (LIR) and > probably more. Some of these may be bugs that can be fixed with PKI though... > Currently the framework supports *only one active Auth method* (except PKI > which is special). Which means that if you use something else than BasicAuth, > you're lucky if you get any of the above features to work with your cluster. > -Even the AdminUI only supports BasicAuth (implicit via browser).- Admin UI > has explicit support for a few plugins only. > I think the solution is to allow more than one auth plugin to be active at > the same time, allowing people to use their custom fancy auth which is > tightly integrated with their environment, and at the same time activate e.g. > BasicAuth or JWTAuth for use with other clients that do not support the > primary auth method. -- This message was sent by Atlassian Jira (v8.3.2#803003) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org