Jan Høydahl created SOLR-16658: ---------------------------------- Summary: List of permissions returned to Admin UI is not complete Key: SOLR-16658 URL: https://issues.apache.org/jira/browse/SOLR-16658 Project: Solr Issue Type: Bug Security Level: Public (Default Security Level. Issues are Public) Components: Admin UI, security Reporter: Jan Høydahl Assignee: Jan Høydahl
The Admin UI fetches user's list of roles and permissions from the {{/admin/info/system}} API, and use it to enable/disable various parts of the UI. The lists are assembed by {{SystemInfoHandler}}, and work well for permissions assigned to one or more roles. However, Solr's security system also has two special type of roles that can be assigned to permissions: * {{null}} role: Means that no authentication is needed at all (if blockUnknown=false) * {{\*}} role: Wildcard role meaning a user with any role, i.e. any authenticated user, will have the permission This is handled correctly by the backend, but the list of permissions returned by {{/admin/info/system}} lacks these permissions. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org