Hi,

I am trying to configure the security.json file in order to define the
following users and permissions:

   - user "admin" with all permissions on all collections
   - user "read" with read permissions on all collections
   - user "1" with only read permissions on biblio collection
   - user "2" with only read permissions on personnes collection

Here is my security.json file

{
  "authentication":{
    "blockUnknown":true,
    "class":"solr.BasicAuthPlugin",
    "credentials":{
      "admin":"4uwfcjV7bCqOdLF/Qn2wiTyC7zIWN6lyA1Bgp1yqZj0= 7PCh68vhIlZXg1l45kSlvGKowMg1bm/L3eSfgT5dzjs=",
      "read":"azUFSo9/plsGkQGhSQuk8YXoir22pALVpP8wFkd7wlk= gft4wNAeuvz7P8bv/Jv6TK94g516/qXe9cFWe/VlhDo=",
      "1":"azUFSo9/plsGkQGhSQuk8YXoir22pALVpP8wFkd7wlk= gft4wNAeuvz7P8bv/Jv6TK94g516/qXe9cFWe/VlhDo=",
      "2":"azUFSo9/plsGkQGhSQuk8YXoir22pALVpP8wFkd7wlk= gft4wNAeuvz7P8bv/Jv6TK94g516/qXe9cFWe/VlhDo="},
    "":{"v":0}},
  "authorization":{
    "class":"solr.RuleBasedAuthorizationPlugin",
    "permissions":[
      {
        "name":"all",
        "role":"admin",
        "index":1},
      {
        "name":"read-biblio",
        "path":"/select",
        "role":["admin","read","r1"],
        "collection":"biblio",
        "index":2},
      {
        "name":"read-personnes",
        "path":"/select",
        "role":["admin","read","r2"],
        "collection":"personnes",
        "index":3},
      {
        "name":"read",
        "collection":"*",
        "role":["admin","read"],
        "index":4}],
    "user-role":{
      "admin":"admin",
      "read":"read",
      "1":"r1",
      "2":"r2"}
  }
}


I get 403 errors for user 1 on biblio and user 2 on personnes while
using the "/select" requestHandler. However, according to the r1 and r2 roles
and the permissions order, the access should be allowed.

I have duplicated the TestRuleBasedAuthorizationPlugin.java class in order
to test these exact same permissions and roles. checkRules reports access
is allowed!!!

I don't understand where the problem is. Any ideas?

Regards

Dominique
