On 3/12/2018 4:07 PM, Terry Steichen wrote: > I'm using 6.6.0 with security.json active, having the content shown > below. I am running standalone mode, have two solr cores defined: > email1, and email2. Since the 'blockUnknown' is set to false, everyone > should have access to any unprotected resource. As you can see, I have > three users defined: joe, solr and terry (the latter two having an admin > role). > > What I expect to happen is for user joe (who is not an admin) to be able > to access core emails2 without being challenged for his credentials. > But, user joe should also be challenged and not allowed to access emails1. > > But solr appears to ignore the "collections" portion of the permission - > it denies joe access to both cores.
<snip> > "blockUnknown": true, Above you said that blockUnknown was false. But in the config that you've included here, I can clearly see it set to true. Could that be the issue? I don't actually know anything about the authentication/authorization plugin configuration. But I can spot a discrepancy! I can see in your original email, where the config got formatted badly, that it was false. So which is actually there? Thanks, Shawn
