[
https://issues.apache.org/jira/browse/SOLR-13649?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16897554#comment-16897554
]
Marcus Eagan commented on SOLR-13649:
-------------------------------------
[~noble.paul] Can you explain what's backward incompatible about it so that the
community has the details?
I've explained why we need to change it if you read above. All our
documentation is a false statement, starting with documentation you wrote.
Secondly, the default behavior is not intuitive yet should not require
documentation consultation.
> BasicAuth's 'blockUnknown' param should default to true
> -------------------------------------------------------
>
> Key: SOLR-13649
> URL: https://issues.apache.org/jira/browse/SOLR-13649
> Project: Solr
> Issue Type: Improvement
> Components: Admin UI, Authentication, security
> Affects Versions: 7.7.2, 8.1.1
> Environment: All
> Reporter: Marcus Eagan
> Priority: Major
> Labels: Authentication
> Fix For: master (9.0)
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> If someone seeks to enable basic authentication but they do not specify the
> {{blockUnknown}} parameter, the default value is {{false}}. That default
> behavior is a bit counterintuitive because if someone wishes to enable basic
> authentication, you would expect that they would want all unknown users to
> need to authenticate by default. I can imagine cases where you would not, but
> those cases would be less frequent.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
