[
https://issues.apache.org/jira/browse/SOLR-15771?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Eric Pugh resolved SOLR-15771.
------------------------------
Fix Version/s: main (10.0)
9.4
Resolution: Fixed
> bin/solr auth enable should model best practices for security.json
> ------------------------------------------------------------------
>
> Key: SOLR-15771
> URL: https://issues.apache.org/jira/browse/SOLR-15771
> Project: Solr
> Issue Type: Bug
> Components: Authentication, SolrCLI
> Reporter: Eric Pugh
> Assignee: Eric Pugh
> Priority: Minor
> Fix For: main (10.0), 9.4
>
> Time Spent: 5h 10m
> Remaining Estimate: 0h
>
> During discussion of SOLR-15770, the idea came up that the {{bin/solr auth
> enable}} command should model a best practices setup of {{security.json}},
> with the idea that it's sometimes easier to show versus tell people how to
> setup security.
>
> My wish for that default security.json
> * Add three users {{user}} , {{admin}} and {{superadmin}}
> * Add three roles with the same names
> * Map *every* permission in the system to one or more of those roles
> * End the chain with an {{all}} permission connected to the {{superadmin}}
> role
> Bonus points would be to have the {{security.json}} be a template file read
> in by {{AuthTool}} instead of a hard to edit/understand String generated in
> Java. Then we could also reference this file in the Ref Guide (the way we do
> with some SolrJ chunks of code) and provide more detailed explanation of
> thinking in the Ref Guide.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
