Hi; I'm using Solr 8.5.0.
I'm having trouble setting up some permissions using the rule-based authorization plugin:
https://lucene.apache.org/solr/guide/8_5/rule-based-authorization-plugin.html

I have 3 users: "admin", "search", and "indexer". I have set permissions and user roles:

    "permissions": [
      {
        "name": "all",
        "role": "admin",
        "index": 1
      },
      {
        "name": "admin-luke",
        "collection": "*",
        "role": "luke",
        "index": 2,
        "path": "/admin/luke"
      },
      {
        "name": "read",
        "role": "searching",
        "index": 3
      },
      {
        "name": "update",
        "role": "indexing",
        "index": 4
      }
    ],
    "user-role": {
      "admin": "admin",
      "search": ["searching","luke"],
      "indexer": "indexing"
    }
    }

Attached: full output of GET /admin/authorization

So why can't user "indexer" add anything in a collection? I always get HTTP 403 Forbidden. Using Postman, I click the checkbox to show the password, so I'm sure I typed the right one.

Note that user "search" can't use the /select handler either, as should be the case with permission to "read". This user can, however, use the Luke handler, as the custom permission allows.

User "admin" can use any API. So at least the predefined permission "all" does work.

Note that the collections were created before enabling authentication and authorization. Could that be the cause of the permission issues?

Thanks;

Isabelle Giguère
Computational Linguist & Java Developer
Linguiste informaticienne & développeur java

permissions.json