[ https://issues.apache.org/jira/browse/SOLR-12121?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16761564#comment-16761564 ]
ASF subversion and git services commented on SOLR-12121: -------------------------------------------------------- Commit d28ec13b9a977e0fdf1bb10a0fe89c6cb2e2caad in lucene-solr's branch refs/heads/branch_8x from Jan Høydahl [ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=d28ec13 ] SOLR-12121: Use a different JSON parser for JWTAuthPluginTest after upgrade to Hadoop3 > JWT Authentication plugin > ------------------------- > > Key: SOLR-12121 > URL: https://issues.apache.org/jira/browse/SOLR-12121 > Project: Solr > Issue Type: New Feature > Security Level: Public(Default Security Level. Issues are Public) > Components: Authentication > Reporter: Jan Høydahl > Assignee: Jan Høydahl > Priority: Major > Fix For: master (9.0) > > Attachments: image-2018-08-27-13-04-04-183.png > > Time Spent: 1h > Remaining Estimate: 0h > > A new Authentication plugin that will accept a [Json Web > Token|https://en.wikipedia.org/wiki/JSON_Web_Token] (JWT) in the > Authorization header and validate it by checking the cryptographic signature. > The plugin will not perform the authentication itself but assert that the > user was authenticated by the service that issued the JWT token. > JWT defined a number of standard claims, and user principal can be fetched > from the {{sub}} (subject) claim and passed on to Solr. The plugin will > always check the {{exp}} (expiry) claim and optionally enforce checks on the > {{iss}} (issuer) and {{aud}} (audience) claims. > The first version of the plugin will only support RSA signing keys and will > support fetching the public key of the issuer through a [Json Web > Key|https://tools.ietf.org/html/rfc7517] (JWK) file, either from a https URL > or from local file. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org