[jira] [Commented] (SOLR-8440) Script support for enabling basic auth

Mon, 08 May 2017 08:22:20 -0700 

    [ 
https://issues.apache.org/jira/browse/SOLR-8440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16000901#comment-16000901
 ] 

Ishan Chattopadhyaya commented on SOLR-8440:
--------------------------------------------

Hrishikesh, given that the credentials are specified by the user in clear text 
anyway, printing it out doesn't seem any worse.

However, if we want the user to put in the credentials himself/herself in 
solr.in.sh (not very user friendly), we can do the following:
# The script/SolrCLI prompts the user for the credentials.
# Prints out a message to put the password into the solr.in.sh with redacted 
credentials.

Please note that the credentials are to be present in solr.in.sh file in clear 
text anyway.

> Script support for enabling basic auth
> --------------------------------------
>
>                 Key: SOLR-8440
>                 URL: https://issues.apache.org/jira/browse/SOLR-8440
>             Project: Solr
>          Issue Type: New Feature
>          Components: scripts and tools
>            Reporter: Jan Høydahl
>            Assignee: Ishan Chattopadhyaya
>              Labels: authentication, security
>         Attachments: SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch, 
> SOLR-8440.patch, SOLR-8440.patch
>
>
> Now that BasicAuthPlugin will be able to work without an AuthorizationPlugin 
> (SOLR-8429), it would be sweet to provide a super simple way to "Password 
> protect Solr"™ right from the command line:
> {noformat}
> bin/solr basicAuth -adduser -user solr -pass SolrRocks
> {noformat}
> It would take the mystery out of enabling one single password across the 
> board. The command would do something like this
> # Check if HTTPS is enabled, and if not, print a friendly warning
> # Check if {{/security.json}} already exists
> ## NO => create one with only plugin class defined
> ## YES => Abort if exists but plugin is not {{BasicAuthPlugin}}
> # Using security REST API, add the new user



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to