[
https://issues.apache.org/jira/browse/SOLR-8429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Noble Paul updated SOLR-8429:
-----------------------------
Description:
If authentication is setup with BasicAuthPlugin, it let's all requests go
through if no credentials are passed. This was done to have minimal impact for
users who only wishes to protect a few end points (say , collection admin and
core admin only)
We can add a flag to {{BasicAuthPlugin}} to allow only authenticated requests
to go in
the users can create the first security.json with that
{code}
{code}
was:
If authentication is setup with BasicAuthPlugin, it let's all requests go
through if no credentials are passed. This was done to have minimal impact for
users who only wishes to protect a few end points (say , collection admin and
core admin only)
We can add a flag to {{BasicAuthPlugin}} to allow only authenticated requests
to go in
> add a flag blockUnknown to BasicAutPlugin
> -----------------------------------------
>
> Key: SOLR-8429
> URL: https://issues.apache.org/jira/browse/SOLR-8429
> Project: Solr
> Issue Type: Improvement
> Reporter: Noble Paul
> Assignee: Noble Paul
>
> If authentication is setup with BasicAuthPlugin, it let's all requests go
> through if no credentials are passed. This was done to have minimal impact
> for users who only wishes to protect a few end points (say , collection admin
> and core admin only)
> We can add a flag to {{BasicAuthPlugin}} to allow only authenticated requests
> to go in
> the users can create the first security.json with that
> {code}
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
