This is an automated email from the ASF dual-hosted git repository.
epugh pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git
The following commit(s) were added to refs/heads/main by this push:
new 2af9197e49c Update password hash documentation on basic authentication
(#2257)
2af9197e49c is described below
commit 2af9197e49ccf21b881a0588859ebbd7564aa9d5
Author: Matteias Collet <[email protected]>
AuthorDate: Mon Feb 12 14:58:59 2024 +0100
Update password hash documentation on basic authentication (#2257)
Co-authored-by: Eric Pugh <[email protected]>
Co-authored-by: Jan Høydahl <[email protected]>
---
.../modules/deployment-guide/pages/basic-authentication-plugin.adoc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git
a/solr/solr-ref-guide/modules/deployment-guide/pages/basic-authentication-plugin.adoc
b/solr/solr-ref-guide/modules/deployment-guide/pages/basic-authentication-plugin.adoc
index e649f4a51a2..bfc998021ab 100644
---
a/solr/solr-ref-guide/modules/deployment-guide/pages/basic-authentication-plugin.adoc
+++
b/solr/solr-ref-guide/modules/deployment-guide/pages/basic-authentication-plugin.adoc
@@ -29,7 +29,7 @@ This file and where to put it is described in detail in the
section xref:authent
If running in cloud mode, you can use the `bin/solr auth` command-line utility
to enable security for a new installation, see: `bin/solr auth --help` for more
details.
For Basic authentication, `security.json` must have an `authentication` block
which defines the class being used for authentication.
-Usernames and passwords (as a sha256(password+salt) hash) could be added when
the file is created, or can be added later with the Authentication API,
described below.
+Usernames and passwords (Format: `base64(sha256(sha256(salt+password))
base64(salt)`) could be added when the file is created, or can be added later
with the Authentication API, described below.
An example `security.json` showing `authentication` and `authorization` blocks
is shown below to show how authentication and authorization plugins can work
together:
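Review bot: the format string on the added line has unbalanced parentheses: `base64(sha256(sha256(salt+password))` opens three calls but closes only two, so a reader cannot tell where the outer base64 ends and the trailing `base64(salt)` begins. Suggest `base64(sha256(sha256(salt+password))) base64(salt)`, and say in the sentence that the two base64 values are separated by a space, since people will build this value by hand for `security.json`.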
@@ -55,7 +55,7 @@ There are several options defined in this example:
<1> The first block defines the authentication plugin to be used and its
parameters.
<2> The parameter `"blockUnknown":true` means that unauthenticated requests
are not allowed to pass through.
-<3> A user called 'solr', with a password `'SolrRocks'` has been defined.
+<3> A user called 'solr', with a password `'SolrRocks'`, in the encoded format
detailed above, has been defined.
<4> We override the `realm` property to display another text on the login
prompt.
<5> The parameter `"forwardCredentials":false` means we let Solr's PKI
authenticaion handle distributed request instead of forwarding the Basic Auth
header.
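Review bot: in callout <3> the added phrase "in the encoded format detailed above" attaches to the plaintext password 'SolrRocks', so the sentence can be read as saying that 'SolrRocks' is itself the encoded value. Suggest splitting it, for example: A user called 'solr' has been defined; its password 'SolrRocks' is stored in the encoded format detailed above. Since this list is being edited anyway, the unchanged line for <5> still carries the typo "authenticaion".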