[jira] [Commented] (SOLR-11238) Solr authorization plugin is not able to pass additional params downstream

Tue, 24 Oct 2017 14:42:14 -0700 

    [ 
https://issues.apache.org/jira/browse/SOLR-11238?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16217752#comment-16217752
 ] 

Hrishikesh Gadre commented on SOLR-11238:
-----------------------------------------

Update - 2 months after posting this patch, I found an alternative to extract 
username and associated roles in the search component without requiring this 
fix.

https://github.com/hgadre/sentry/blob/a4ecc83d3e92c81e61aa5441102a9bcd6e90d421/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java

I think we should close this jira as "Won't fix" since currently there is no 
use-case which requires this functionality. 

> Solr authorization plugin is not able to pass additional params downstream
> --------------------------------------------------------------------------
>
>                 Key: SOLR-11238
>                 URL: https://issues.apache.org/jira/browse/SOLR-11238
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>    Affects Versions: 6.6
>            Reporter: Hrishikesh Gadre
>         Attachments: SOLR-11238.patch
>
>
> Authorization checks in Solr are implemented by invoking configured 
> authorization plugin with AuthorizationContext object. The plugin is expected 
> to return an AuthorizationResponse object which provides the result (which 
> can be OK/FORBIDDEN/PROMPT).
> In some cases (e.g. document level security implemented in Apache Sentry), it 
> is useful for the authorization plugin to add (or override) the request 
> parameters sent by the user (which are represented as SolrParams in 
> [AuthorizationContext| 
> https://github.com/apache/lucene-solr/blob/3cbbecca026eb2a9491fa4a24ecc2c43c26e58bd/solr/core/src/java/org/apache/solr/security/AuthorizationContext.java#L38]).
>  This jira is to introduce an ability to customize the parameters by the 
> authorization plugin.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to