Hi, I am currently working on integrating Solr authorization framework with Apache Sentry (SENTRY-1475 <https://issues.apache.org/jira/browse/SENTRY-1475>).
As part of the investigation, I found that a number of request handlers in Solr don't implement *PermissionNameProvider* interface e.g. https://github.com/apache/lucene-solr/blob/063d624cdcf73e0eeb3c11487a76d4c3de7f40dc/solr/core/src/java/org/apache/solr/handler/CdcrRequestHandler.java https://github.com/apache/lucene-solr/blob/063d624cdcf73e0eeb3c11487a76d4c3de7f40dc/solr/core/src/java/org/apache/solr/handler/MoreLikeThisHandler.java Should we map every request handler to a specific permission? If that is not possible, how should the backend implementation protect these api endpoints? Thanks Hrishikesh