[jira] [Created] (SOLR-14720) Validate Sanctity of Request Type

Atri Sharma (Jira) Fri, 07 Aug 2020 03:08:14 -0700

Atri Sharma created SOLR-14720:
----------------------------------

             Summary: Validate Sanctity of Request Type
                 Key: SOLR-14720
                 URL: https://issues.apache.org/jira/browse/SOLR-14720
             Project: Solr
          Issue Type: Improvement
      Security Level: Public (Default Security Level. Issues are Public)
            Reporter: Atri Sharma



https://issues.apache.org/jira/browse/SOLR-13528 introduces a mechanism to 
identify between internal (server) and external (client) requests. Currently, 
this mechanism works on populating a relevant field in the request's headers. 
However, a rogue client can impersonate or fabricate a server request.

 

This Jira tracks effort to validate that a client request's context is set 
correctly. We look to tap into the authentication loop to piggy back on the 
information provided there.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org

[jira] [Created] (SOLR-14720) Validate Sanctity of Request Type

Reply via email to