janhoy commented on code in PR #1851:
URL: https://github.com/apache/solr/pull/1851#discussion_r1301509653
##########
solr/core/src/resources/security.json:
##########
@@ -0,0 +1,74 @@
+{
+ "authentication": {
+ "blockUnknown": true,
+ "class": "solr.BasicAuthPlugin",
+ "credentials": {
+ "user": "5xqM3QvmfKJPaxCNRNgur/iPA+ENqGaMLou0vjRN+U0=
PoIl/rZE4wq+xdDmW3q0y/PctJ28VKIW14RTSU9du84=",
+ "admin": "bGHR1+rT5TVYHVWyZv+bW6ttXnUQDUjD06Avie1SUWQ=
Ut7wdJ0X2+IKgcp7y3DGbJBzxvPnA/YiLa5gmoVqYD0=",
+ "superadmin": "s7518QQL7UNiDNHRqo3PqvYbIts2fKkBDuBBv7Q9+D4=
MraYq5n3JjOl8SXHTH4OFMRb/rqlmt0oKbquw/urdDk="
+ }
+ },
+ "authorization": {
+ "class": "solr.RuleBasedAuthorizationPlugin",
+ "permissions": [{
+ "name": "security-edit",
+ "role": "admin",
+ "index": 1
+ },
+ {
+ "name": "security-read",
+ "role": "admin",
+ "index": 2
+ },
+ {
+ "name": "config-edit",
+ "role": "admin",
+ "index": 3
+ },
+ {
+ "name": "config-read",
+ "role": "admin",
+ "index": 4
+ },
+ {
+ "name": "collection-admin-edit",
+ "role": "admin",
+ "index": 5
+ },
+ {
+ "name": "collection-admin-read",
+ "role": "admin",
+ "index": 6
+ },
+ {
+ "name": "core-admin-edit",
+ "role": "admin",
+ "index": 7
+ },
+ {
+ "name": "core-admin-read",
+ "role": "admin",
+ "index": 8
+ },
+ {
+ "name": "all",
+ "role": [
+ "admin",
+ "superadmin"
Review Comment:
I see you have not mapped superadmin users to anything more than the admin
user, so do we need it? I think perhaps we could reserve `security-edit`
permission to the superadmin, and have all the other config edit permissions
for admin user?
Note also, that permissions like `metrics-read` and `health` will land here
since they are not explicitly defined above. Do we want metrics scraping and
healthcheck to require auth? If so, should there be a `health` user that only
gains access to these? Or should we set `blockUnknown: false` and define these
endpoints as open, unauthenticated?
Also, if someone wants to fetch clusterstatus using HTTP
(`/admin/collections?action=CLUSTERSTATUS`), that will need the
`collection-admin-read` permission, requiring ADMIN. But typically a SolrJ
client in customer application is not given full admin rights to a cluster, if
it only needs to query a collection. But in order to get cluster status
(without talking to ZK) it will need to hit this endpoint. So it is an option
to assign this particular permission with the `method=GET` and `params` set to
`[LIST, CLUSTERSTATUS]` (see
[here](https://solr.apache.org/guide/solr/latest/deployment-guide/rule-based-authorization-plugin.html#custom-permissions))
and assign it to `user` role.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
