[
https://issues.apache.org/jira/browse/SOLR-17789?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated SOLR-17789:
----------------------------------
Labels: pull-request-available (was: )
> Internode Authorization not working for external roles
> ------------------------------------------------------
>
> Key: SOLR-17789
> URL: https://issues.apache.org/jira/browse/SOLR-17789
> Project: Solr
> Issue Type: Bug
> Components: Authorization
> Affects Versions: 9.7, 9.8
> Reporter: Timo Crabbé
> Priority: Major
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Solr nodes do not pass full authorization details to other nodes.
> Steps to reproduce:
> # Deploy cluster with more then one node
> # Use a authentication plugin where roles are supplied externally (like
> JWTAuth).
> # Add a private collection with lower number of replicas then the number of
> nodes in the cluster
> # Send request to node that does not holds a replica of the collection to
> force forwarding.
> This results in a return code 403, because the sendRemoteQuery function in
> `solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java` does not add
> the current user's Security Principal on the HttpClientContext like the
> executeMethod function does in
> solr/solrj/src/java/org/apache/solr/client/solrj/impl/HttpSolrClient.java.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
