[ https://issues.apache.org/jira/browse/SOLR-13649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16918294#comment-16918294 ]
ASF subversion and git services commented on SOLR-13649: -------------------------------------------------------- Commit b37d92bfee63a9ede2a754347cbe8627dedade33 in lucene-solr's branch refs/heads/master from Marcus [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b37d92b ] SOLR-13649 change the default behavior of the basic authentication plugin. (#805) SOLR-13649: Property 'blockUnknown' of BasicAuthPlugin and JWTAuthPlugin now defaults to 'true'. This change is backward incompatible. To achieve the previous default behavior, explicitly set 'blockUnknown':'false' in security.json > BasicAuth's 'blockUnknown' param should default to true > ------------------------------------------------------- > > Key: SOLR-13649 > URL: https://issues.apache.org/jira/browse/SOLR-13649 > Project: Solr > Issue Type: Improvement > Components: Admin UI, Authentication, security > Affects Versions: 7.7.2, 8.1.1 > Environment: All > Reporter: Marcus Eagan > Assignee: Shalin Shekhar Mangar > Priority: Major > Labels: Authentication > Fix For: master (9.0) > > Time Spent: 9h 10m > Remaining Estimate: 0h > > If someone seeks to enable basic authentication but they do not specify the > {{blockUnknown}} parameter, the default value is {{false}}. That default > behavior is a bit counterintuitive because if someone wishes to enable basic > authentication, you would expect that they would want all unknown users to > need to authenticate by default. I can imagine cases where you would not, but > those cases would be less frequent. -- This message was sent by Atlassian Jira (v8.3.2#803003) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org