Dear Wiki user, You have subscribed to a wiki page or wiki category on "Solr Wiki" for change notification.
The "SolrSecurity" page has been changed by Per Steffensen: http://wiki.apache.org/solr/SolrSecurity?action=diff&rev1=30&rev2=31 {{{ <filter> <filter-name>RegExpAuthorizationFilter</filter-name> - <filter-class>org.apache.solr.servlet..security.RegExpAuthorizationFilter</filter-class> + <filter-class>org.apache.solr.servlet.security.RegExpAuthorizationFilter</filter-class> <init-param> <param-name>search-constraint</param-name> <param-value>1|update-role,admin-role|^.*/update$</param-value> @@ -249, +249 @@ The RegExpAuthorizationFilter verifies authorization by matching paths against patterns - but support regular expression patterns. The patterns and corresponding "allowed roles" are provided to RegExpAuthorizationFilter using init-params. You provide an init-param for every "rule" you want to set up. Each init-param has to have a value on the from "<order>|<comma-separated-roles>|<path-regular-expression>" where * ''order'' is the order of this "rule" relative to the other "rules". Unfortunately it is not enough just to make sure the "rules" are ordered correctly in the web.xml, because the init-params might not be provided to the filter in that order * ''comma-separated-roles'' is a comma separated list of "roles" allowed to access paths matching ''path-regular-expressoin'' of the same "rule" + * ''path-regular-expression'' is a regular expression (as understood by java.util.regex.Pattern) matched against the path of a particular request hitting the filter. - * ''path-regular-expression'' is a regular expression (as understood by java.util.regex.Pattern) matched against the path of a particular request hitting the filter. RegExpAuthorizationFilter iterates "rules" in the given order, matches the request-path against its ''path-regular-expression''. If no match continues to next "rule", if match the next "rule" is never considered. Of no "rules" match the request is allowed to proceed - it passed authorization so to speak. In case of a match the authenticated user will be matched against the roles in ''comma-separated-roles'' and only allowed access in case he is in one of the roles mentioned. In case he is not the filter will return a response with status-code 403 "Unauthorized". + RegExpAuthorizationFilter iterates "rules" in the given order, matches the request-path against its ''path-regular-expression''. If no match continues to next "rule", if match the next "rule" is never considered. Of no "rules" match the request is allowed to proceed - it passed authorization so to speak. In case of a match the authenticated user will be matched against the roles in ''comma-separated-roles'' and only allowed access in case he is in one of the roles mentioned. In case he is not the filter will return a response with status-code 403 "Unauthorized". === Resin example ===
