Creating a custom auth plugin for solr

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Creating a custom auth plugin for solr

srshaik
Hi,

I am new to solr security and wanted some help / reference on how to implement custom authentication and authorization in solr cloud.

I would like to use JWT. Is that possible ?
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Creating a custom auth plugin for solr

Jan Høydahl / Cominvent
I assume you already read http://lucene.apache.org/solr/guide/6_6/authentication-and-authorization-plugins.html <http://lucene.apache.org/solr/guide/6_6/authentication-and-authorization-plugins.html>
When you implement a custom auth plugin you are free to e.g. pull HTTP headers for validation, like the BasicAuth plugin does.
Then, your plugin will OK the authenticated user and you may then use the built-in authorization plugin to configure what that user can do in the system.

I suggest you start looking at the code for the existing plugins and work from there, and then come back and ask questions when you’re stuck.

--
Jan Høydahl, search solution architect
Cominvent AS - www.cominvent.com

> 13. jul. 2017 kl. 06.34 skrev srshaik <[hidden email]>:
>
> Hi,
>
> I am new to solr security and wanted some help / reference on how to
> implement custom authentication and authorization in solr cloud.
>
> I would like to use JWT. Is that possible ?
>
>
>
> --
> View this message in context: http://lucene.472066.n3.nabble.com/Creating-a-custom-auth-plugin-for-solr-tp4345762.html
> Sent from the Solr - User mailing list archive at Nabble.com.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Creating a custom auth plugin for solr

srshaik
Thanks Jan. I had gone though the link. But, not the code. I will look into it and try to understand. However, I had a question regarding support multi-tenancy.
If I have one collection containing documents for multiple tenants, would I have to build a custom authorization plugin to prevent one customer from updating the document of another. Or should I build a custom handler for each of the operations such as update / delete / search etc..
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Creating a custom auth plugin for solr

srshaik
In reply to this post by Jan Høydahl / Cominvent
Thanks Jan. I had gone though the link. But, not the code. I will look into it and try to understand. However, I had a question regarding support multi-tenancy.
If I have one collection containing documents for multiple tenants, would I have to build a custom authorization plugin to prevent one customer from updating the document of another. Or should I build a custom handler for each of the operations such as update / delete / search etc..
Loading...