[
https://issues.apache.org/jira/browse/SOLR-15202?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17299061#comment-17299061
]
Jason Gerlowski commented on SOLR-15202:
----------------------------------------
I've made this ticket public since it's discussing an enhancement to RBAP, and
not a specific vulnerability. (Along with Ken's agreement above of course.)
> Rule-Based Authorization Plugin parameter for core, not just collection, for
> non-cluster installations
> ------------------------------------------------------------------------------------------------------
>
> Key: SOLR-15202
> URL: https://issues.apache.org/jira/browse/SOLR-15202
> Project: Solr
> Issue Type: Wish
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authorization
> Affects Versions: 8.8.1
> Environment: Debian Buster, openjdk 11, Solr 8.8.1 stand-alone,
> installed as a service
> Reporter: Ken Liccardo
> Priority: Minor
>
> I was trying to limit access to specific CORES but as I was reading the
> RuleBasedAuthorizationPlugin documentation I conflated the terms "core" and
> "collection", and was wondering why configuring permissions by core name used
> in the collection parameter wasn't working. I've used Solr for years as
> stand-alone but somehow this distinction (core vs collection; I understand
> now that the latter is only used in solr clusters) escaped me while reading
> the Authorization documentation. Then I had an "aha" moment when I realized
> my confusion in terms. So, I don't know if it is difficult to add
> authorization by core for us stand-alone users. Or, perhaps allow the use of
> full paths, up to the endpoint, such as "solr/core1/select" instead of just
> "/select", for the "path" parameter.
>
> Thanks.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
