thelabdude opened a new pull request #245: URL: https://github.com/apache/solr/pull/245
https://issues.apache.org/jira/browse/SOLR-15573 # Description See JIRA for details # Solution Adding `security-read` and `config-edit` to initial `security.json` created by the SolrCLI `auth` tool so that when `blockUnknown=false` these endpoints are still protected (anonymous should be allowed to read security config). Now when a user comes to the Admin UI and has not logged in, when they view the Security screen, they will be re-directed to login first. The `config-edit` is for the Schema Designer UI. If a user does not have that permission, the Schema Designer link is hidden and the Schema Design screen is un-usable if they navigate to it directly. Fixed the arg parsing in bin/solr for auth so that `-blockUnknown false` works now. # Tests Manual tests in the browser. Start Solr in cloud mode, e.g.: ``` bin/solr start -c -z localhost:2181 -f ``` and then enable security with `blockUnknown=false` using: ``` bin/solr auth enable -type basicAuth -prompt true -z localhost:2181 -blockUnknown false ``` # Checklist Please review the following and check all that apply: - [ ] I have reviewed the guidelines for [How to Contribute](https://wiki.apache.org/solr/HowToContribute) and my code conforms to the standards described there to the best of my ability. - [ ] I have created a Jira issue and added the issue ID to my pull request title. - [ ] I have given Solr maintainers [access](https://help.github.com/en/articles/allowing-changes-to-a-pull-request-branch-created-from-a-fork) to contribute to my PR branch. (optional but recommended) - [ ] I have developed this patch against the `main` branch. - [ ] I have run `./gradlew check`. - [ ] I have added tests for my changes. - [ ] I have added documentation for the [Reference Guide](https://github.com/apache/solr/tree/main/solr/solr-ref-guide) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
