[jira] [Commented] (CONNECTORS-1286) Solr Plugin: Add support for User Principal

Wed, 09 Mar 2016 09:53:00 -0800 

    [ 
https://issues.apache.org/jira/browse/CONNECTORS-1286?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15187511#comment-15187511
 ] 

Karl Wright commented on CONNECTORS-1286:
-----------------------------------------

This patch means that any solr login parameters will supercede all of the 
formal authenticated user parameters/domains passed into the component.  I 
don't think that's a good idea, especially since it is not backwards compatible.

In order to go ahead with this, it will be necessary to make this feature be 
enabled conditionally, based on another configuration flag.  If you would like 
to update your patch accordingly, that would be great.  Updating the README.txt 
for this component would also be a good idea.

Can you give us a sense of when formal login first appeared in Solr?  Is it a 
5.x feature, or did it appear also in 4.x?


> Solr Plugin: Add support for User Principal
> -------------------------------------------
>
>                 Key: CONNECTORS-1286
>                 URL: https://issues.apache.org/jira/browse/CONNECTORS-1286
>             Project: ManifoldCF
>          Issue Type: Improvement
>          Components: Solr-5.x component
>    Affects Versions: ManifoldCF 2.3
>            Reporter: Konrad Holl
>            Assignee: Karl Wright
>            Priority: Minor
>
> I’m using ManifoldCF 2.3 with Solr 5.4.1 and the Velocity templating engine. 
> I needed to do searches with ACLs enabled and installed the plugin. 
> Unfortunately it is not possible to use the login information provided by 
> Jetty in the Solr plugin.
> As of Solr 5.3 it is possible to extract the authenticated user from the 
> SolrQueryRequest object: 
> http://lucene.apache.org/solr/5_3_0/solr-core/org/apache/solr/request/SolrQueryRequest.html#getUserPrincipal().
>  I added these lines to the code in 
> org.apache.solr.mcf.ManifoldCFSearchComponent before the evaluation of 
> parameters for authenticated user name:
> {code}
>     String authDomain = (String)args.get("AuthDomain");
>     if (rb.req.getUserPrincipal() != null) {
>                 domainMap.put("", rb.req.getUserPrincipal().getName() + 
> ((authDomain == null) ? "" : "@" + authDomain));
>     }
>     else {
>       // Get the authenticated user name from the parameters
> {code}
> I also needed an additional setting “authDomain” in the search component 
> configuration (solrconfig.xml). Now I can use Velocity even for documents 
> with ACLs :o)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to