[
https://issues.apache.org/jira/browse/SOLR-12948?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wei Liao updated SOLR-12948:
----------------------------
Description:
I've enabled basic auth in my solr 7.5 installation (with no blockUnknown),
created an admin role and added all of the [predefined
permission|https://lucene.apache.org/solr/guide/7_5/rule-based-authorization-plugin.html]
(except read and all) to the role, and created an admin user with that role.
What I wanted to do, is to enable public access only to the /select for
querying, and password protect everything else.
With this, I can hit /select without authentication, but when I browse to the
admin UI, the login window pops up as I'd expect, but the dashboard page also
loaded up, see attached. I'd have expected nothing's showing except the login.
If this is the wrong approach to what I needed, I'm interested in what you guys
do to achieve this.
Thanks!
was:
I've enabled basic auth in my solr 7.5 installation (with no blockUnknown),
created an admin role and added all of the predefined permission (except read
and all) to the role, and created an admin user with that role.
What I wanted to do, is to enable public access only to the /select for
querying, and password protect everything else.
With this, I can hit /select without authentication, but when I browse to the
admin UI, the login window pops up as I'd expect, but the dashboard page also
loaded up, see attached. I'd have expected nothing's showing except the login.
If this is the wrong approach to what I needed, I'm interested in what you guys
do to achieve this.
Thanks!
> Basic Auth login windows pops up with page loaded
> -------------------------------------------------
>
> Key: SOLR-12948
> URL: https://issues.apache.org/jira/browse/SOLR-12948
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Admin UI
> Affects Versions: 7.5
> Reporter: Wei Liao
> Priority: Major
> Attachments: Screenshot from 2018-10-31 14-30-09.png
>
>
> I've enabled basic auth in my solr 7.5 installation (with no blockUnknown),
> created an admin role and added all of the [predefined
> permission|https://lucene.apache.org/solr/guide/7_5/rule-based-authorization-plugin.html]
> (except read and all) to the role, and created an admin user with that role.
> What I wanted to do, is to enable public access only to the /select for
> querying, and password protect everything else.
> With this, I can hit /select without authentication, but when I browse to the
> admin UI, the login window pops up as I'd expect, but the dashboard page also
> loaded up, see attached. I'd have expected nothing's showing except the login.
> If this is the wrong approach to what I needed, I'm interested in what you
> guys do to achieve this.
> Thanks!
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
