Active directory integration in Solr

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Active directory integration in Solr

Kommu, Vinodh K.
Hi,

Does anyone know that Solr has any out of the box capability to integrate Active directory (using LDAP) when security is enabled? Instead of creating users in security.json file, planning to use users who already exists in active directory so they can use their individual credentials rather than defining in Solr. Did anyone came across similar requirement? If so was there any working solution?


Thanks,
Vinodh

DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
Reply | Threaded
Open this post in threaded view
|

Re: Active directory integration in Solr

Charlie Hull-3
Not out of the box, there are a few authentication plugins bundled but
not for AD
https://lucene.apache.org/solr/guide/7_2/authentication-and-authorization-plugins.html 
- there's also some useful stuff in Apache ManifoldCF
https://www.francelabs.com/blog/tutorial-on-authorizations-for-manifold-cf-and-solr/ 


Best

Charlie

On 18/11/2019 15:08, Kommu, Vinodh K. wrote:

> Hi,
>
> Does anyone know that Solr has any out of the box capability to integrate Active directory (using LDAP) when security is enabled? Instead of creating users in security.json file, planning to use users who already exists in active directory so they can use their individual credentials rather than defining in Solr. Did anyone came across similar requirement? If so was there any working solution?
>
>
> Thanks,
> Vinodh
>
> DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
>

--
Charlie Hull
Flax - Open Source Enterprise Search

tel/fax: +44 (0)8700 118334
mobile:  +44 (0)7767 825828
web: www.flax.co.uk

Reply | Threaded
Open this post in threaded view
|

RE: Active directory integration in Solr

Kommu, Vinodh K.
Thanks Charlie.

We are already using Basic authentication in our existing clusters, however it's getting difficult to maintain number of users as we are getting too many requests for readonly access from support teams. So we desperately looking for active directory solution. Just wondering if someone might have same requirement need.


Regards,
Vinodh

-----Original Message-----
From: Charlie Hull <[hidden email]>
Sent: Tuesday, November 19, 2019 2:55 PM
To: [hidden email]
Subject: Re: Active directory integration in Solr

ATTENTION! This email originated outside of DTCC; exercise caution.

Not out of the box, there are a few authentication plugins bundled but not for AD
https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flucene.apache.org%2Fsolr%2Fguide%2F7_2%2Fauthentication-and-authorization-plugins.html&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245309858&amp;sdata=fkahJ62aWFYh7QxcyFQbJV9u8OsTYSWp6pv0MNdzjps%3D&amp;reserved=0
- there's also some useful stuff in Apache ManifoldCF
https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.francelabs.com%2Fblog%2Ftutorial-on-authorizations-for-manifold-cf-and-solr%2F&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=iYiKRDJKYBZaxUd%2F%2BIddFBwxB2RhSqih2KZc26aZlRU%3D&amp;reserved=0


Best

Charlie

On 18/11/2019 15:08, Kommu, Vinodh K. wrote:

> Hi,
>
> Does anyone know that Solr has any out of the box capability to integrate Active directory (using LDAP) when security is enabled? Instead of creating users in security.json file, planning to use users who already exists in active directory so they can use their individual credentials rather than defining in Solr. Did anyone came across similar requirement? If so was there any working solution?
>
>
> Thanks,
> Vinodh
>
> DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
>

--
Charlie Hull
Flax - Open Source Enterprise Search

tel/fax: +44 (0)8700 118334
mobile:  +44 (0)7767 825828
web: https://nam02.safelinks.protection.outlook.com/?url=www.flax.co.uk&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=YNGIg%2FVgL2w82i3JWsBkBTJeefHMjSxbjLaQyOdJVt0%3D&amp;reserved=0

DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

Reply | Threaded
Open this post in threaded view
|

Re: Active directory integration in Solr

Mark H. Wood
In reply to this post by Kommu, Vinodh K.
On Mon, Nov 18, 2019 at 03:08:51PM +0000, Kommu, Vinodh K. wrote:
> Does anyone know that Solr has any out of the box capability to integrate Active directory (using LDAP) when security is enabled? Instead of creating users in security.json file, planning to use users who already exists in active directory so they can use their individual credentials rather than defining in Solr. Did anyone came across similar requirement? If so was there any working solution?

Searching for "solr authentication ldap" turned up this:

https://risdenk.github.io/2018/11/20/apache-solr-hadoop-authentication-plugin-ldap.html

ADS also uses Kerberos, and Solr has a Kerberos authN plugin.  Would
that help?

--
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu

signature.asc (201 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

RE: Active directory integration in Solr

Kommu, Vinodh K.
Thanks for responding Wood.

Since we are running on Solr cloud not in HDFS, perhaps there is no viable solution for solr cloud I think.


Regards,
Vinodh

-----Original Message-----
From: Mark H. Wood <[hidden email]>
Sent: Wednesday, November 20, 2019 9:44 PM
To: [hidden email]
Subject: Re: Active directory integration in Solr

ATTENTION! This email originated outside of DTCC; exercise caution.
DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

Reply | Threaded
Open this post in threaded view
|

Re: Active directory integration in Solr

Jörn Franke
In reply to this post by Kommu, Vinodh K.
I would not give users directly access to Solr - even with LDAP plugin. Build a rest interface or web interface that does the authentication and authorization and security sanitization. Then you can also manage better excessive queries or explicitly forbid certain type of queries (eg specific streaming expressions - I would not expose all of them to users).

> Am 19.11.2019 um 11:02 schrieb Kommu, Vinodh K. <[hidden email]>:
>
> Thanks Charlie.
>
> We are already using Basic authentication in our existing clusters, however it's getting difficult to maintain number of users as we are getting too many requests for readonly access from support teams. So we desperately looking for active directory solution. Just wondering if someone might have same requirement need.
>
>
> Regards,
> Vinodh
>
> -----Original Message-----
> From: Charlie Hull <[hidden email]>
> Sent: Tuesday, November 19, 2019 2:55 PM
> To: [hidden email]
> Subject: Re: Active directory integration in Solr
>
> ATTENTION! This email originated outside of DTCC; exercise caution.
>
> Not out of the box, there are a few authentication plugins bundled but not for AD
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flucene.apache.org%2Fsolr%2Fguide%2F7_2%2Fauthentication-and-authorization-plugins.html&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245309858&amp;sdata=fkahJ62aWFYh7QxcyFQbJV9u8OsTYSWp6pv0MNdzjps%3D&amp;reserved=0
> - there's also some useful stuff in Apache ManifoldCF
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.francelabs.com%2Fblog%2Ftutorial-on-authorizations-for-manifold-cf-and-solr%2F&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=iYiKRDJKYBZaxUd%2F%2BIddFBwxB2RhSqih2KZc26aZlRU%3D&amp;reserved=0
>
>
> Best
>
> Charlie
>
>> On 18/11/2019 15:08, Kommu, Vinodh K. wrote:
>> Hi,
>>
>> Does anyone know that Solr has any out of the box capability to integrate Active directory (using LDAP) when security is enabled? Instead of creating users in security.json file, planning to use users who already exists in active directory so they can use their individual credentials rather than defining in Solr. Did anyone came across similar requirement? If so was there any working solution?
>>
>>
>> Thanks,
>> Vinodh
>>
>> DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
>>
>
> --
> Charlie Hull
> Flax - Open Source Enterprise Search
>
> tel/fax: +44 (0)8700 118334
> mobile:  +44 (0)7767 825828
> web: https://nam02.safelinks.protection.outlook.com/?url=www.flax.co.uk&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=YNGIg%2FVgL2w82i3JWsBkBTJeefHMjSxbjLaQyOdJVt0%3D&amp;reserved=0
>
> DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.
>
Reply | Threaded
Open this post in threaded view
|

Re: Active directory integration in Solr

Kevin Risden-3
So I wrote the blog more of an experiment above. I don't know if it is
fully operating other than on a single node. That being said, the Hadoop
authentication plugin doesn't require running on HDFS. It just uses the
Hadoop code to do authentication.

I will echo what Jorn said though - I wouldn't expose Solr to the internet
or directly without some sort of API. Whether you do
authentication/authorization at the API is a separate question.

Kevin Risden


On Wed, Nov 20, 2019 at 1:54 PM Jörn Franke <[hidden email]> wrote:

> I would not give users directly access to Solr - even with LDAP plugin.
> Build a rest interface or web interface that does the authentication and
> authorization and security sanitization. Then you can also manage better
> excessive queries or explicitly forbid certain type of queries (eg specific
> streaming expressions - I would not expose all of them to users).
>
> > Am 19.11.2019 um 11:02 schrieb Kommu, Vinodh K. <[hidden email]>:
> >
> > Thanks Charlie.
> >
> > We are already using Basic authentication in our existing clusters,
> however it's getting difficult to maintain number of users as we are
> getting too many requests for readonly access from support teams. So we
> desperately looking for active directory solution. Just wondering if
> someone might have same requirement need.
> >
> >
> > Regards,
> > Vinodh
> >
> > -----Original Message-----
> > From: Charlie Hull <[hidden email]>
> > Sent: Tuesday, November 19, 2019 2:55 PM
> > To: [hidden email]
> > Subject: Re: Active directory integration in Solr
> >
> > ATTENTION! This email originated outside of DTCC; exercise caution.
> >
> > Not out of the box, there are a few authentication plugins bundled but
> not for AD
> >
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flucene.apache.org%2Fsolr%2Fguide%2F7_2%2Fauthentication-and-authorization-plugins.html&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245309858&amp;sdata=fkahJ62aWFYh7QxcyFQbJV9u8OsTYSWp6pv0MNdzjps%3D&amp;reserved=0
> > - there's also some useful stuff in Apache ManifoldCF
> >
> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.francelabs.com%2Fblog%2Ftutorial-on-authorizations-for-manifold-cf-and-solr%2F&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=iYiKRDJKYBZaxUd%2F%2BIddFBwxB2RhSqih2KZc26aZlRU%3D&amp;reserved=0
> >
> >
> > Best
> >
> > Charlie
> >
> >> On 18/11/2019 15:08, Kommu, Vinodh K. wrote:
> >> Hi,
> >>
> >> Does anyone know that Solr has any out of the box capability to
> integrate Active directory (using LDAP) when security is enabled? Instead
> of creating users in security.json file, planning to use users who already
> exists in active directory so they can use their individual credentials
> rather than defining in Solr. Did anyone came across similar requirement?
> If so was there any working solution?
> >>
> >>
> >> Thanks,
> >> Vinodh
> >>
> >> DTCC DISCLAIMER: This email and any files transmitted with it are
> confidential and intended solely for the use of the individual or entity to
> whom they are addressed. If you have received this email in error, please
> notify us immediately and delete the email and any attachments from your
> system. The recipient should check this email and any attachments for the
> presence of viruses. The company accepts no liability for any damage caused
> by any virus transmitted by this email.
> >>
> >
> > --
> > Charlie Hull
> > Flax - Open Source Enterprise Search
> >
> > tel/fax: +44 (0)8700 118334
> > mobile:  +44 (0)7767 825828
> > web:
> https://nam02.safelinks.protection.outlook.com/?url=www.flax.co.uk&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=YNGIg%2FVgL2w82i3JWsBkBTJeefHMjSxbjLaQyOdJVt0%3D&amp;reserved=0
> >
> > DTCC DISCLAIMER: This email and any files transmitted with it are
> confidential and intended solely for the use of the individual or entity to
> whom they are addressed. If you have received this email in error, please
> notify us immediately and delete the email and any attachments from your
> system. The recipient should check this email and any attachments for the
> presence of viruses. The company accepts no liability for any damage caused
> by any virus transmitted by this email.
> >
>
Reply | Threaded
Open this post in threaded view
|

Re: Active directory integration in Solr

Jörn Franke
Well i propose for Solr Kerberos authentication on HTTPS (2) for the web ui backend. Then the web ui backend does any type of authentication / authorization of users you need.
I would not let users access directly access Solr in any environment.



> Am 20.11.2019 um 20:19 schrieb Kevin Risden <[hidden email]>:
>
> So I wrote the blog more of an experiment above. I don't know if it is
> fully operating other than on a single node. That being said, the Hadoop
> authentication plugin doesn't require running on HDFS. It just uses the
> Hadoop code to do authentication.
>
> I will echo what Jorn said though - I wouldn't expose Solr to the internet
> or directly without some sort of API. Whether you do
> authentication/authorization at the API is a separate question.
>
> Kevin Risden
>
>
>> On Wed, Nov 20, 2019 at 1:54 PM Jörn Franke <[hidden email]> wrote:
>>
>> I would not give users directly access to Solr - even with LDAP plugin.
>> Build a rest interface or web interface that does the authentication and
>> authorization and security sanitization. Then you can also manage better
>> excessive queries or explicitly forbid certain type of queries (eg specific
>> streaming expressions - I would not expose all of them to users).
>>
>>>> Am 19.11.2019 um 11:02 schrieb Kommu, Vinodh K. <[hidden email]>:
>>>
>>> Thanks Charlie.
>>>
>>> We are already using Basic authentication in our existing clusters,
>> however it's getting difficult to maintain number of users as we are
>> getting too many requests for readonly access from support teams. So we
>> desperately looking for active directory solution. Just wondering if
>> someone might have same requirement need.
>>>
>>>
>>> Regards,
>>> Vinodh
>>>
>>> -----Original Message-----
>>> From: Charlie Hull <[hidden email]>
>>> Sent: Tuesday, November 19, 2019 2:55 PM
>>> To: [hidden email]
>>> Subject: Re: Active directory integration in Solr
>>>
>>> ATTENTION! This email originated outside of DTCC; exercise caution.
>>>
>>> Not out of the box, there are a few authentication plugins bundled but
>> not for AD
>>>
>> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flucene.apache.org%2Fsolr%2Fguide%2F7_2%2Fauthentication-and-authorization-plugins.html&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245309858&amp;sdata=fkahJ62aWFYh7QxcyFQbJV9u8OsTYSWp6pv0MNdzjps%3D&amp;reserved=0
>>> - there's also some useful stuff in Apache ManifoldCF
>>>
>> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.francelabs.com%2Fblog%2Ftutorial-on-authorizations-for-manifold-cf-and-solr%2F&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=iYiKRDJKYBZaxUd%2F%2BIddFBwxB2RhSqih2KZc26aZlRU%3D&amp;reserved=0
>>>
>>>
>>> Best
>>>
>>> Charlie
>>>
>>>> On 18/11/2019 15:08, Kommu, Vinodh K. wrote:
>>>> Hi,
>>>>
>>>> Does anyone know that Solr has any out of the box capability to
>> integrate Active directory (using LDAP) when security is enabled? Instead
>> of creating users in security.json file, planning to use users who already
>> exists in active directory so they can use their individual credentials
>> rather than defining in Solr. Did anyone came across similar requirement?
>> If so was there any working solution?
>>>>
>>>>
>>>> Thanks,
>>>> Vinodh
>>>>
>>>> DTCC DISCLAIMER: This email and any files transmitted with it are
>> confidential and intended solely for the use of the individual or entity to
>> whom they are addressed. If you have received this email in error, please
>> notify us immediately and delete the email and any attachments from your
>> system. The recipient should check this email and any attachments for the
>> presence of viruses. The company accepts no liability for any damage caused
>> by any virus transmitted by this email.
>>>>
>>>
>>> --
>>> Charlie Hull
>>> Flax - Open Source Enterprise Search
>>>
>>> tel/fax: +44 (0)8700 118334
>>> mobile:  +44 (0)7767 825828
>>> web:
>> https://nam02.safelinks.protection.outlook.com/?url=www.flax.co.uk&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=YNGIg%2FVgL2w82i3JWsBkBTJeefHMjSxbjLaQyOdJVt0%3D&amp;reserved=0
>>>
>>> DTCC DISCLAIMER: This email and any files transmitted with it are
>> confidential and intended solely for the use of the individual or entity to
>> whom they are addressed. If you have received this email in error, please
>> notify us immediately and delete the email and any attachments from your
>> system. The recipient should check this email and any attachments for the
>> presence of viruses. The company accepts no liability for any damage caused
>> by any virus transmitted by this email.
>>>
>>
Reply | Threaded
Open this post in threaded view
|

Re: Active directory integration in Solr

David Hastings
I guess I don’t understand why one wouldn’t simply make a basic front end for solr, it’s literally the easiest thing to throw together and then you control all authentication and filters per user.  Even a basic one would be some w3 school tutorials with php+json+whatever authentication Mech you want to use.  Access to the ui right away let’s you just, drop entire cores or collections, there’s no way anyone not familiar with what they’re doing should be allowed to touch it

> On Nov 20, 2019, at 6:22 PM, Jörn Franke <[hidden email]> wrote:
>
> Well i propose for Solr Kerberos authentication on HTTPS (2) for the web ui backend. Then the web ui backend does any type of authentication / authorization of users you need.
> I would not let users access directly access Solr in any environment.
>
>
>
>> Am 20.11.2019 um 20:19 schrieb Kevin Risden <[hidden email]>:
>>
>> So I wrote the blog more of an experiment above. I don't know if it is
>> fully operating other than on a single node. That being said, the Hadoop
>> authentication plugin doesn't require running on HDFS. It just uses the
>> Hadoop code to do authentication.
>>
>> I will echo what Jorn said though - I wouldn't expose Solr to the internet
>> or directly without some sort of API. Whether you do
>> authentication/authorization at the API is a separate question.
>>
>> Kevin Risden
>>
>>
>>> On Wed, Nov 20, 2019 at 1:54 PM Jörn Franke <[hidden email]> wrote:
>>>
>>> I would not give users directly access to Solr - even with LDAP plugin.
>>> Build a rest interface or web interface that does the authentication and
>>> authorization and security sanitization. Then you can also manage better
>>> excessive queries or explicitly forbid certain type of queries (eg specific
>>> streaming expressions - I would not expose all of them to users).
>>>
>>>>> Am 19.11.2019 um 11:02 schrieb Kommu, Vinodh K. <[hidden email]>:
>>>>
>>>> Thanks Charlie.
>>>>
>>>> We are already using Basic authentication in our existing clusters,
>>> however it's getting difficult to maintain number of users as we are
>>> getting too many requests for readonly access from support teams. So we
>>> desperately looking for active directory solution. Just wondering if
>>> someone might have same requirement need.
>>>>
>>>>
>>>> Regards,
>>>> Vinodh
>>>>
>>>> -----Original Message-----
>>>> From: Charlie Hull <[hidden email]>
>>>> Sent: Tuesday, November 19, 2019 2:55 PM
>>>> To: [hidden email]
>>>> Subject: Re: Active directory integration in Solr
>>>>
>>>> ATTENTION! This email originated outside of DTCC; exercise caution.
>>>>
>>>> Not out of the box, there are a few authentication plugins bundled but
>>> not for AD
>>>>
>>> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flucene.apache.org%2Fsolr%2Fguide%2F7_2%2Fauthentication-and-authorization-plugins.html&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245309858&amp;sdata=fkahJ62aWFYh7QxcyFQbJV9u8OsTYSWp6pv0MNdzjps%3D&amp;reserved=0
>>>> - there's also some useful stuff in Apache ManifoldCF
>>>>
>>> https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.francelabs.com%2Fblog%2Ftutorial-on-authorizations-for-manifold-cf-and-solr%2F&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=iYiKRDJKYBZaxUd%2F%2BIddFBwxB2RhSqih2KZc26aZlRU%3D&amp;reserved=0
>>>>
>>>>
>>>> Best
>>>>
>>>> Charlie
>>>>
>>>>> On 18/11/2019 15:08, Kommu, Vinodh K. wrote:
>>>>> Hi,
>>>>>
>>>>> Does anyone know that Solr has any out of the box capability to
>>> integrate Active directory (using LDAP) when security is enabled? Instead
>>> of creating users in security.json file, planning to use users who already
>>> exists in active directory so they can use their individual credentials
>>> rather than defining in Solr. Did anyone came across similar requirement?
>>> If so was there any working solution?
>>>>>
>>>>>
>>>>> Thanks,
>>>>> Vinodh
>>>>>
>>>>> DTCC DISCLAIMER: This email and any files transmitted with it are
>>> confidential and intended solely for the use of the individual or entity to
>>> whom they are addressed. If you have received this email in error, please
>>> notify us immediately and delete the email and any attachments from your
>>> system. The recipient should check this email and any attachments for the
>>> presence of viruses. The company accepts no liability for any damage caused
>>> by any virus transmitted by this email.
>>>>>
>>>>
>>>> --
>>>> Charlie Hull
>>>> Flax - Open Source Enterprise Search
>>>>
>>>> tel/fax: +44 (0)8700 118334
>>>> mobile:  +44 (0)7767 825828
>>>> web:
>>> https://nam02.safelinks.protection.outlook.com/?url=www.flax.co.uk&amp;data=02%7C01%7Cvkommu%40dtcc.com%7C2e17e1feef78432502e008d76cd26635%7C0465519d7f554d47998b55e2a86f04a8%7C0%7C0%7C637097523245319858&amp;sdata=YNGIg%2FVgL2w82i3JWsBkBTJeefHMjSxbjLaQyOdJVt0%3D&amp;reserved=0
>>>>
>>>> DTCC DISCLAIMER: This email and any files transmitted with it are
>>> confidential and intended solely for the use of the individual or entity to
>>> whom they are addressed. If you have received this email in error, please
>>> notify us immediately and delete the email and any attachments from your
>>> system. The recipient should check this email and any attachments for the
>>> presence of viruses. The company accepts no liability for any damage caused
>>> by any virus transmitted by this email.
>>>>
>>>