On Sat, Feb 19, 2022 at 10:59 PM Jason Gerlowski <[email protected]> wrote: > > Hi all, > > I posted this question in Slack a few days ago, but I didn't get any > bites so I'm copying here as well for the larger set of eyes: > > Does anyone have a good understanding of how the v2 > authentication/authorization APIs work? I’d like to convert them to > over to the annotation framework (SOLR-15738), but I’m having a hard > time understanding what each of the "cluster.security.*" apispec > files is actually for. > > - The plugin-specific apispec’s (e.g. > cluster.security.JwtAuth.Commands) are pretty self explanatory, and > what I would expect to see. > - The remaining 4 look like they’re used as defaults or fallbacks in > SecurityConfHandler, but the logic in how they’re registered looks > more involved than I’d expect if that were true. SecurityConfHandler > registers two of the apispecs ( cluster.security.authentication and > cluster.security.authorization ) unconditionally, while it registers > the other two only if the Authc/AuthzPlugins don’t have an API/spec > that they provide themselves. > > It looks like this was all setup in the same mega-JIRA (SOLR-8029) > that added all the v2 APIs, so there was too much else going on for it > to merit discussion there apparently. > We should get rid of the defaults spec files. It actually does not do anything. Is there a JIRA where you are tracking these where I can collaborate?
> Anyway, if anyone can shed any light on the 4 "fallback" or "default" > apispecs and why they're registered differently, I'd love to hear it. > Thanks all! > > Best, > > Jason > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > -- ----------------------------------------------------- Noble Paul
