Zhenxu Ke created SOLR-15295:
--------------------------------
Summary: Provide allowlisting mechanism in the JWT auth plugin to
ignore paths like login
Key: SOLR-15295
URL: https://issues.apache.org/jira/browse/SOLR-15295
Project: Solr
Issue Type: Wish
Security Level: Public (Default Security Level. Issues are Public)
Components: Authorization, Plugin system
Reporter: Zhenxu Ke
I'm recently working (with [~epugh] ) on YASA to make it work under the auth
plugins.
I saw in the codes that the authenticator allowlists the Admin login path
`{{/solr/` explicitly}}, while for YASA, its path must start with `{{/v2`}} ,
not matching the whitelisted paths and will be intercepted, hence the login
page won't be reached and redirected, I also didn't find a allowlisting
mechanism in the JWT auth plugin, and
[RBAP|https://nightlies.apache.org/Solr/Solr-reference-guide-main/rule-based-authorization-plugin.html]
doesn't seem to fit this case either. So I'm wondering if it's possible to
provide allowlisting mechanism in the JWT auth plugin, so that users can
configure the login paths for plugins like YASA to work?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
