Jan Høydahl created SOLR-16658:
----------------------------------
Summary: List of permissions returned to Admin UI is not complete
Key: SOLR-16658
URL: https://issues.apache.org/jira/browse/SOLR-16658
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Components: Admin UI, security
Reporter: Jan Høydahl
Assignee: Jan Høydahl
The Admin UI fetches user's list of roles and permissions from the
{{/admin/info/system}} API, and use it to enable/disable various parts of the
UI.
The lists are assembed by {{SystemInfoHandler}}, and work well for permissions
assigned to one or more roles. However, Solr's security system also has two
special type of roles that can be assigned to permissions:
* {{null}} role: Means that no authentication is needed at all (if
blockUnknown=false)
* {{\*}} role: Wildcard role meaning a user with any role, i.e. any
authenticated user, will have the permission
This is handled correctly by the backend, but the list of permissions returned
by {{/admin/info/system}} lacks these permissions.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
