[ 
https://issues.apache.org/jira/browse/SOLR-9481?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15571331#comment-15571331
 ] 

ASF GitHub Bot commented on SOLR-9481:
--------------------------------------

GitHub user janhoy opened a pull request:

    https://github.com/apache/lucene-solr/pull/95

    SOLR-9481: Authentication and Authorization plugins support for non-cloud

    Adds ability to use Auth/Autz plugins in standalone non-cloud mode.
    * Place `security.json` in $SOLR_HOME
    * Solr will initialise plugins from local file
    * Edits through API `/solr/admin/authentication` and 
`/solr/admin/authorization`supported
      * Each edit will update local copy of `security.json` and reload security 
config
      * If you have several nodes in master/slave setup, need to perform the 
edit on each node
    * Refactored `SecurityConfHandler`into a base class independent of ZK. Each 
sub class overrides methods `getSecurityConfig`, `getConf`, `persistConf` and 
`securityConfEdited`:
      * `SecurityConfHandlerZk` is instantiated if zkAware
      * `SecurityConfHandlerLocal` is instantiated if in local mode, 
reads/writes local file in SOLR_HOME
      * In local mode there is no callback when `security.json` changes, so 
`SecurityConfHandlerLocal` explicitly reloads security configs in its 
`securityConfEdited()` method
      * `MockSecurityHandler` used in tests persists to in-memory Map
    * New object `SecurityConfig` to hold security config, since 
`ZkStateReader.ConfigData` is tied to ZK.
    * New test case `BasicAuthStandaloneTest` spins up Jetty, writes local 
`security.json` through the persistConf API, adds a user through edit API, 
validates that permission is enforced and that local file contains user name.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/cominvent/lucene-solr solr9481

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/lucene-solr/pull/95.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #95
    
----
commit 6c04d63e633f74b4df9f77ad78b2335d9dd87470
Author: Jan Høydahl <jan...@apache.org>
Date:   2016-10-13T08:46:30Z

    SOLR-9481: Authentication and Authorization plugins now work in standalone 
mode, including edit API

----


> BasicAuthPlugin should support standalone mode
> ----------------------------------------------
>
>                 Key: SOLR-9481
>                 URL: https://issues.apache.org/jira/browse/SOLR-9481
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: security
>            Reporter: Jan Høydahl
>            Assignee: Jan Høydahl
>              Labels: authentication
>         Attachments: SOLR-9481.patch
>
>
> The BasicAuthPlugin currently only supports SolrCloud, and reads users and 
> credentials from ZK /security.json
> Add support for standalone mode operation



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to