madrob commented on a change in pull request #606:
URL: https://github.com/apache/solr/pull/606#discussion_r801196551
##########
File path: versions.lock
##########
@@ -175,9 +175,10 @@ org.apache.zookeeper:zookeeper-jute:3.7.0 (1 constraints:
8a0d3a28)
org.apiguardian:apiguardian-api:1.1.0 (3 constraints: 5f208479)
org.aspectj:aspectjrt:1.8.0 (1 constraints: 0b050836)
org.bitbucket.b_c:jose4j:0.7.7 (1 constraints: 10050736)
-org.bouncycastle:bcmail-jdk15on:1.69 (1 constraints: e4040431)
-org.bouncycastle:bcpkix-jdk15on:1.69 (1 constraints: e4040431)
-org.bouncycastle:bcprov-jdk15on:1.69 (1 constraints: e4040431)
+org.bouncycastle:bcmail-jdk15on:1.70 (1 constraints: e4040431)
+org.bouncycastle:bcpkix-jdk15on:1.70 (2 constraints: 73133c52)
+org.bouncycastle:bcprov-jdk15on:1.70 (3 constraints: 941ff808)
+org.bouncycastle:bcutil-jdk15on:1.70 (1 constraints: 580d0529)
Review comment:
precommit fails because we are missing a license file for this new bc
dependency - all of the BC libraries are MIT although we have them listed as
"BSD_LIKE" - you can see the changes I made for it in the other PR.
##########
File path: solr/modules/jwt-auth/README.md
##########
@@ -0,0 +1,25 @@
+Apache Solr JWT Authentication Plugin
+=====================================
+
+Introduction
+------------
+Solr can support [JSON Web
Token](https://en.wikipedia.org/wiki/JSON_Web_Token) (JWT) based
+Bearer authentication with the use of the JWTAuthPlugin.
+
+This allows Solr to assert that a user is already authenticated with an
external
+[Identity Provider](https://en.wikipedia.org/wiki/Identity_provider) by
validating
+that the JWT formatted [access
token](https://en.wikipedia.org/wiki/Access_token)
+is digitally signed by the Identity Provider.
+
+The typical use case is to integrate Solr with an [OpenID
Connect](https://en.wikipedia.org/wiki/OpenID_Connect)
+enabled IdP.
Review comment:
nit: is `IdP` a well known term for Identity Provider? Maybe wouldn't
hurt to spell it out here, especially for somebody new that is exploring our
contrive as a measure of project or maturity.
##########
File path: gradle/documentation/render-javadoc.gradle
##########
@@ -118,6 +118,15 @@ configure(project(":solr:modules:analysis-extras")) {
}
}
+configure(project(":solr:modules:jwt-auth")) {
+ project.tasks.withType(RenderJavadocTask) {
+ // TODO: clean up split packages
+ javadocMissingIgnore = [
+ "org.apache.solr.security"
Review comment:
Since you moved everything to o.a.s.security.jwt, do we still need this?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
