[
https://issues.apache.org/jira/browse/SOLR-11781?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16401888#comment-16401888
]
Jan Høydahl commented on SOLR-11781:
------------------------------------
Hi. I have a need to implement audit logging plugin as well, and was
considering where to put it, either as part of Authentication plugin, as part
of Authorization plugin or as a new plugin type intercepting all requests.
Would love to hear more about how you did it.
In our case we need arbitrary information from the JWT token parsed by
authentication plugin. Is there any method to pass information (except for the
user principle) from Authentication to authorization? Can Auth plugin fill
information in AuthorizationContext?
> Pass impersonator info to the authorization plugin
> --------------------------------------------------
>
> Key: SOLR-11781
> URL: https://issues.apache.org/jira/browse/SOLR-11781
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Affects Versions: 7.0
> Reporter: Hrishikesh Gadre
> Priority: Minor
>
> SENTRY-1475 implemented Solr authorization plugin based on Sentry. This also
> includes the audit log functionality in Sentry. Currently authorization
> context is not providing the impersonator information which is required for
> the audit logs. We should improve Solr authorization framework to pass this
> extra information.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
