[ https://issues.apache.org/jira/browse/SOLR-15771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17752792#comment-17752792 ]
Eric Pugh commented on SOLR-15771: ---------------------------------- [~janhoy] would you be interested in picking this one up with me? I think I can do a lot of the coding work, but my innate understanding of how it SHOULD work is lacking ;-) > bin/solr auth enable should model best practices for security.json > ------------------------------------------------------------------ > > Key: SOLR-15771 > URL: https://issues.apache.org/jira/browse/SOLR-15771 > Project: Solr > Issue Type: Bug > Components: Authentication, SolrCLI > Reporter: Eric Pugh > Assignee: Eric Pugh > Priority: Minor > > During discussion of SOLR-15770, the idea came up that the {{bin/solr auth > enable}} command should model a best practices setup of {{security.json}}, > with the idea that it's sometimes easier to show versus tell people how to > setup security. > > My wish for that default security.json > * Add three users {{user}} , {{admin}} and {{superadmin}} > * Add three roles with the same names > * Map *every* permission in the system to one or more of those roles > * End the chain with an {{all}} permission connected to the {{superadmin}} > role > Bonus points would be to have the {{security.json}} be a template file read > in by {{AuthTool}} instead of a hard to edit/understand String generated in > Java. Then we could also reference this file in the Ref Guide (the way we do > with some SolrJ chunks of code) and provide more detailed explanation of > thinking in the Ref Guide. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org