[
https://issues.apache.org/jira/browse/SOLR-15771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17756853#comment-17756853
]
Eric Pugh commented on SOLR-15771:
----------------------------------
The PR is ready for review. One thought that struck me over the weekend, why
do we have blockUnknown? Couldn't that logic be modeled in security.json???
> bin/solr auth enable should model best practices for security.json
> ------------------------------------------------------------------
>
> Key: SOLR-15771
> URL: https://issues.apache.org/jira/browse/SOLR-15771
> Project: Solr
> Issue Type: Bug
> Components: Authentication, SolrCLI
> Reporter: Eric Pugh
> Assignee: Eric Pugh
> Priority: Minor
> Time Spent: 40m
> Remaining Estimate: 0h
>
> During discussion of SOLR-15770, the idea came up that the {{bin/solr auth
> enable}} command should model a best practices setup of {{security.json}},
> with the idea that it's sometimes easier to show versus tell people how to
> setup security.
>
> My wish for that default security.json
> * Add three users {{user}} , {{admin}} and {{superadmin}}
> * Add three roles with the same names
> * Map *every* permission in the system to one or more of those roles
> * End the chain with an {{all}} permission connected to the {{superadmin}}
> role
> Bonus points would be to have the {{security.json}} be a template file read
> in by {{AuthTool}} instead of a hard to edit/understand String generated in
> Java. Then we could also reference this file in the Ref Guide (the way we do
> with some SolrJ chunks of code) and provide more detailed explanation of
> thinking in the Ref Guide.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
