Hi Solr Users,
I want to create a user that has restricted access to Solr. I did the
follwowing:-
1. {
2. "authentication":{
3. "blockUnknown": true,
4. "class":"solr.BasicAuthPlugin",
5. "credentials":{
6. "solr-admin":
"2IUJD9dxRhxSXaJGdMP5z8ggSn4I285Ty9GCWeRNMUg=
/sSNJJufPtj4baRizoJshJawFsWvopvZSqZpQ/Nwd78="
,
7. "solr-user":
"p+XwOh15p/rvFltv2LXP1CwtbvwBgGlC9qcDKxV73B4=
DcNsjfA6Wf16V1XKT+YraosSFQ5Cr3eRUX6BQnx9XKA="
8. }
9. },
10. "authorization":{
11. "class":"solr.RuleBasedAuthorizationPlugin",
12. "user-role":{"solr-admin":"admin", "solr-user":"dev"},
13. "permissions":[
14. {
15. "name":"security-edit",
16. "role":"admin"
17. },
18. {
19. "collection": ["Collection1", "Collection2"],
20. "name": ["update", "read"],
21. "role": "dev"
22. }
23. ]
24. }}
But when Login intot the Solr admin dash-board using Solr-user credentials,
I can read, select, write, update, delete collections and do all sorts of
things like a solr-admin can do.
I want solr-user to be able to access only *Collection1* and *Collection2*
and be able to only *update *and *read*. He should not be able to access
other collections and do anything apart from the above mentioned role.
Where am I exactly going wrong?
Thanks and Regards,
Salmaan
