[jira] [Updated] (SOLR-17789) Internode Authorization not working for external roles
[ https://issues.apache.org/jira/browse/SOLR-17789?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] ASF GitHub Bot updated SOLR-17789: -- Labels: pull-request-available (was: ) > Internode Authorization not working for external roles > -- > > Key: SOLR-17789 > URL: https://issues.apache.org/jira/browse/SOLR-17789 > Project: Solr > Issue Type: Bug > Components: Authorization >Affects Versions: 9.7, 9.8 >Reporter: Timo Crabbé >Priority: Major > Labels: pull-request-available > Time Spent: 10m > Remaining Estimate: 0h > > Solr nodes do not pass full authorization details to other nodes. > Steps to reproduce: > # Deploy cluster with more then one node > # Use a authentication plugin where roles are supplied externally (like > JWTAuth). > # Add a private collection with lower number of replicas then the number of > nodes in the cluster > # Send request to node that does not holds a replica of the collection to > force forwarding. > This results in a return code 403, because the sendRemoteQuery function in > `solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java` does not add > the current user's Security Principal on the HttpClientContext like the > executeMethod function does in > solr/solrj/src/java/org/apache/solr/client/solrj/impl/HttpSolrClient.java. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
[jira] [Updated] (SOLR-17789) Internode Authorization not working for external roles
[ https://issues.apache.org/jira/browse/SOLR-17789?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Timo Crabbé updated SOLR-17789: --- Affects Version/s: 9.8 > Internode Authorization not working for external roles > -- > > Key: SOLR-17789 > URL: https://issues.apache.org/jira/browse/SOLR-17789 > Project: Solr > Issue Type: Bug > Components: Authorization >Affects Versions: 9.7, 9.8 >Reporter: Timo Crabbé >Priority: Major > > Solr nodes do not pass full authorization details to other nodes. > Steps to reproduce: > # Deploy cluster with more then one node > # Use a authentication plugin where roles are supplied externally (like > JWTAuth). > # Add a private collection with lower number of replicas then the number of > nodes in the cluster > # Send request to node that does not holds a replica of the collection to > force forwarding. > This results in a return code 403, because the sendRemoteQuery function in > `solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java` does not add > the current user's Security Principal on the HttpClientContext like the > executeMethod function does in > solr/solrj/src/java/org/apache/solr/client/solrj/impl/HttpSolrClient.java. -- This message was sent by Atlassian Jira (v8.20.10#820010) - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
