[
https://issues.apache.org/jira/browse/SOLR-12121?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16411674#comment-16411674
]
Jan Høydahl edited comment on SOLR-12121 at 3/23/18 4:42 PM:
-------------------------------------------------------------
First version is ready for review in GitHub [PR #343|https://github.com/apache/lucene-solr/pull/343].
Still some TODO and NOCOMMIT. Lacks some end-to-end tests etc.
See [sample RefGuide page here|https://github.com/cominvent/lucene-solr/blob/2d3a7f4112509c9581d97c36a088715bd0aebca4/solr/solr-ref-guide/src/jwt-authentication-plugin.adoc].
was (Author: janhoy):
First version is ready for review in GitHub [PR #343|https://github.com/apache/lucene-solr/pull/343].
Still some TODO and NOCOMMIT. Lacks some end-to-end tests etc.
> JWT Authentication plugin
> -------------------------
>
> Key: SOLR-12121
> URL: https://issues.apache.org/jira/browse/SOLR-12121
> Project: Solr
> Issue Type: New Feature
> Security Level: Public (Default Security Level. Issues are Public)
> Components: Authentication
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Priority: Major
> Fix For: 7.4, master (8.0)
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> A new Authentication plugin that will accept a [JSON Web Token|https://en.wikipedia.org/wiki/JSON_Web_Token] (JWT) in the
> Authorization header and validate it by checking the cryptographic signature.
> The plugin will not perform the authentication itself but assert that the
> user was authenticated by the service that issued the JWT token.
> JWT defines a number of standard claims, and the user principal can be fetched
> from the {{sub}} (subject) claim and passed on to Solr. The plugin will
> always check the {{exp}} (expiry) claim and optionally enforce checks on the
> {{iss}} (issuer) and {{aud}} (audience) claims.
> The first version of the plugin will only support RSA signing keys and will
> support fetching the public key of the issuer through a [JSON Web Key|https://tools.ietf.org/html/rfc7517] (JWK) file, either from an https URL
> or from a local file.
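The validation sequence the issue description outlines (RSA signature check against the issuer's JWK, mandatory exp, optional iss and aud, principal taken from sub), as an added Python example that is not the plugin's code from PR #343. The toy key built from two Mersenne primes, the `issue` helper, the pinning of `alg` to RS256 and all claim values are assumptions constructed for the demonstration.

```python
import base64, hashlib, hmac, json, time

# Constructed toy RSA key from two Mersenne primes: demo only, NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))   # D stays with the issuer
DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")  # SHA-256

def b64u(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_dec(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def size(n):
    return (n.bit_length() + 7) // 8

# Public half of the constructed key, in the JWK form the issuer would publish
JWK = {"kty": "RSA", "n": b64u(N.to_bytes(size(N), "big")), "e": b64u(E.to_bytes(3, "big"))}

def pkcs1_encode(signing_input, k):
    # EMSA-PKCS1-v1_5 encoding of SHA-256(signing_input), as RS256 uses
    t = DIGEST_INFO + hashlib.sha256(signing_input).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def issue(claims, alg="RS256"):  # stand-in for the external issuer (hypothetical)
    head = b64u(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64u(json.dumps(claims).encode())
    em = int.from_bytes(pkcs1_encode(f"{head}.{body}".encode(), size(N)), "big")
    return f"{head}.{body}." + b64u(pow(em, D, N).to_bytes(size(N), "big"))

def validate(token, jwk, iss=None, aud=None, now=None):
    """Return the principal from `sub`; raise ValueError when a check fails."""
    head, body, sig = token.split(".")
    if json.loads(b64u_dec(head)).get("alg") != "RS256":
        raise ValueError("alg not allowed")      # pin the algorithm, reject "none"
    n, e = (int.from_bytes(b64u_dec(jwk[f]), "big") for f in ("n", "e"))
    s = int.from_bytes(b64u_dec(sig), "big")
    expected = pkcs1_encode(f"{head}.{body}".encode(), size(n))
    if s >= n or not hmac.compare_digest(pow(s, e, n).to_bytes(size(n), "big"), expected):
        raise ValueError("bad signature")
    claims = json.loads(b64u_dec(body))          # trusted only after the signature check
    now = time.time() if now is None else now
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise ValueError("expired or missing exp")   # always enforced
    if iss is not None and claims.get("iss") != iss:
        raise ValueError("wrong issuer")             # optional check
    auds = claims.get("aud")                         # may be a string or a list
    if aud is not None and aud not in (auds if isinstance(auds, list) else [auds]):
        raise ValueError("wrong audience")           # optional check
    return claims["sub"]
```

Claims are parsed only after the signature verifies, so nothing from an unauthenticated token body influences the exp, iss or aud decisions.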