[
https://issues.apache.org/jira/browse/SOLR-7755?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14615243#comment-14615243
]
Noble Paul commented on SOLR-7755:
----------------------------------
bq.Sure not, but this kind of an interface should only be exposed to an admin,
not a regular "user".
Admin is a human being. I mean it should be exposed only to a well tested
program ..
bq.In that case, do you propose that the system assumed a default/preconfigured
admin user principal?
NO. The system will always start with an empty {{/security.json}} . In that
case no security is enabled. We will provide users with standard tested startup
{{security.json}} for each scheme . That will contain a user and role
bq.But in that case, most datastores (MySQL, Oracle comes to mind) have their
own built-in user management
YES. Solr will have ability to mange users . if you use the
BasicAuth/ZKBasedAuthc pair. If you want to use other plugins , it will be
uptto the plugin to decide what is editable and what is not
> An API to edit the Basic Auth security params
> ---------------------------------------------
>
> Key: SOLR-7755
> URL: https://issues.apache.org/jira/browse/SOLR-7755
> Project: Solr
> Issue Type: Sub-task
> Components: security
> Reporter: Noble Paul
> Assignee: Noble Paul
>
> example
> {code}
> curl http://localhost:8983/solr/admin/authorization -H
> 'Content-type:application/json' -d '{
> "add-user" : {"name" : "tom",
> "role": ["admin","dev"]
> },
> "create-permission" :{"name":"mycoll-update",
> "before" :"some-other-permission",
> "path":"/update/*"
> "role":["dev","admin"]
> }
> }'
> {code}
> Please note that the set of parameters required for a basic ZK based impl
> will be completely different from that of a Kerberos implementation. However
> the framework would remain the same. The end point will remain the same,
> though
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
