[ https://issues.apache.org/jira/browse/SOLR-15771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17756853#comment-17756853 ]
Eric Pugh commented on SOLR-15771: ---------------------------------- The PR is ready for review. One thought that struck me over the weekend, why do we have blockUnknown? Couldn't that logic be modeled in security.json??? > bin/solr auth enable should model best practices for security.json > ------------------------------------------------------------------ > > Key: SOLR-15771 > URL: https://issues.apache.org/jira/browse/SOLR-15771 > Project: Solr > Issue Type: Bug > Components: Authentication, SolrCLI > Reporter: Eric Pugh > Assignee: Eric Pugh > Priority: Minor > Time Spent: 40m > Remaining Estimate: 0h > > During discussion of SOLR-15770, the idea came up that the {{bin/solr auth > enable}} command should model a best practices setup of {{security.json}}, > with the idea that it's sometimes easier to show versus tell people how to > setup security. > > My wish for that default security.json > * Add three users {{user}} , {{admin}} and {{superadmin}} > * Add three roles with the same names > * Map *every* permission in the system to one or more of those roles > * End the chain with an {{all}} permission connected to the {{superadmin}} > role > Bonus points would be to have the {{security.json}} be a template file read > in by {{AuthTool}} instead of a hard to edit/understand String generated in > Java. Then we could also reference this file in the Ref Guide (the way we do > with some SolrJ chunks of code) and provide more detailed explanation of > thinking in the Ref Guide. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org