On 3/12/2018 4:07 PM, Terry Steichen wrote:
> I'm using 6.6.0 with security.json active, having the content shown
> below. I am running standalone mode, have two solr cores defined:
> email1, and email2. Since the 'blockUnknown' is set to false, everyone
> should have access to any unprotected resource. As you can see, I have
> three users defined: joe, solr and terry (the latter two having an admin
> What I expect to happen is for user joe (who is not an admin) to be able
> to access core emails2 without being challenged for his credentials.
> But, user joe should also be challenged and not allowed to access emails1.
> But solr appears to ignore the "collections" portion of the permission -
> it denies joe access to both cores.
> "blockUnknown": true,
Above you said that blockUnknown was false. But in the config that
you've included here, I can clearly see it set to true. Could that be
I don't actually know anything about the authentication/authorization
plugin configuration. But I can spot a discrepancy!
I can see in your original email, where the config got formatted badly,
that it was false. So which is actually there?