[jira] [Commented] (CONNECTORS-1286) Solr Plugin: Add support for User Principal

Thu, 31 Mar 2016 00:49:20 -0700 

    [ 
https://issues.apache.org/jira/browse/CONNECTORS-1286?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15219530#comment-15219530
 ] 

Konrad Holl commented on CONNECTORS-1286:
-----------------------------------------

Actually the old mechanisms still work if no authentication is used - but 
you're right: If authentication is not configured correctly for Solr it will do 
as you describe.

So, an additional switch would make sense. Also, there are two modules which 
should share some common code (at the moment there is the same code inside two 
classes). I suggest to create a an abstract class as a base for those two 
containing shared code.

As for the version, the getUserPrincipal method is available since Solr 5.3, so 
this is something which needs to be mentioned in README.txt - or maybe a reason 
for not introducing this feature at all.

> Solr Plugin: Add support for User Principal
> -------------------------------------------
>
>                 Key: CONNECTORS-1286
>                 URL: https://issues.apache.org/jira/browse/CONNECTORS-1286
>             Project: ManifoldCF
>          Issue Type: Improvement
>          Components: Solr-5.x component
>    Affects Versions: ManifoldCF 2.3
>            Reporter: Konrad Holl
>            Assignee: Karl Wright
>            Priority: Minor
>             Fix For: ManifoldCF 2.4
>
>
> I’m using ManifoldCF 2.3 with Solr 5.4.1 and the Velocity templating engine. 
> I needed to do searches with ACLs enabled and installed the plugin. 
> Unfortunately it is not possible to use the login information provided by 
> Jetty in the Solr plugin.
> As of Solr 5.3 it is possible to extract the authenticated user from the 
> SolrQueryRequest object: 
> http://lucene.apache.org/solr/5_3_0/solr-core/org/apache/solr/request/SolrQueryRequest.html#getUserPrincipal().
>  I added these lines to the code in 
> org.apache.solr.mcf.ManifoldCFSearchComponent before the evaluation of 
> parameters for authenticated user name:
> {code}
>     String authDomain = (String)args.get("AuthDomain");
>     if (rb.req.getUserPrincipal() != null) {
>                 domainMap.put("", rb.req.getUserPrincipal().getName() + 
> ((authDomain == null) ? "" : "@" + authDomain));
>     }
>     else {
>       // Get the authenticated user name from the parameters
> {code}
> I also needed an additional setting “authDomain” in the search component 
> configuration (solrconfig.xml). Now I can use Velocity even for documents 
> with ACLs :o)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to