[
https://issues.apache.org/jira/browse/SOLR-13071?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17295322#comment-17295322
]
David Eric Pugh commented on SOLR-13071:
----------------------------------------
I've heard of some CLI's that actually pop open a browser window to do the
authentication, and then, I think by running a local webserver, capture the
redirect, which then lets you get the authorization code, and use that to get
the access_token.
Having said that, I haven't found an example written in Java of a CLI doing
this, and I'm not sure that I could grok how to do that from scratch.
So what you are suggesting is we just document how to get the access_token, and
then have someone put that in a file that is read? That seems easier, and or
a good first step.
> Add JWT Auth support in bin/solr
> --------------------------------
>
> Key: SOLR-13071
> URL: https://issues.apache.org/jira/browse/SOLR-13071
> Project: Solr
> Issue Type: Improvement
> Components: scripts and tools
> Reporter: Jan Høydahl
> Priority: Major
>
> Once SOLR-12121 gets in, we should add support to {{bin/solr}} start scripts
> so they can authenticate with Solr using a JWT token. A preferred way would
> perhaps be through {{solr.in.sh}} and add new
> {noformat}
> SOLR_AUTH_TYPE=token
> SOLR_AUTHENTICATION_OPTS=-DjwtToken=....
> {noformat}
> A disadvantage with this method is that the user needs to know how to obtain
> the token, and the token needs to be long-lived. A more sophisticated way
> would be a {{bin/solr auth login}} command that opens a browser window with
> the IDP login screen and saves the short-lived access token and optionally
> refresh token, in the file system.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
