Jan Høydahl created SOLR-12121:
----------------------------------
Summary: JWT Authentication plugin
Key: SOLR-12121
URL: https://issues.apache.org/jira/browse/SOLR-12121
Project: Solr
Issue Type: New Feature
Security Level: Public (Default Security Level. Issues are Public)
Components: Authentication
Reporter: Jan Høydahl
A new Authentication plugin that will accept a [Json Web
Token|https://en.wikipedia.org/wiki/JSON_Web_Token] (JWT) in the Authorization
header and validate it by checking the cryptographic signature. The plugin will
not perform the authentication itself but assert that the user was
authenticated by the service that issued the JWT token.
JWT defined a number of standard claims, and user principal can be fetched from
the {{sub}} (subject) claim and passed on to Solr. The plugin will always check
the {{exp}} (expiry) claim and optionally enforce checks on the {{iss}}
(issuer) and {{aud}} (audience) claims.
The first version of the plugin will only support RSA signing keys and will
support fetching the public key of the issuer through a [Json Web
Key|https://tools.ietf.org/html/rfc7517] (JWK) file, either from a https URL or
from local file.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
