Hey Jan,

Is this a case of something that'd be fixed by https://issues.apache.org/jira/browse/SOLR-13071 ?
Just wondering

Best,
Jason

On Thu, Dec 12, 2019 at 5:43 PM Jan Høydahl <jan....@cominvent.com> wrote:
>
> Try something like this
> https://gist.github.com/b330e1bea7842bcdc1e5fa3940b4a4f7
>
> The trick is to «whitelist» certain paths that will not require auth, but
> then further down add rules to block all other paths either as admin role or
> with special role «*» which means «any authenticated user».
>
> Jan
>
> > On 12 Dec 2019 at 07:47, Lakhan Gupta
> > <lakhan.gu...@infogain.com.INVALID> wrote:
> >
> > Hi,
> >
> > I am using Solr version 8.1.1 and facing a problem while enabling JWT
> > authentication in Solr. JWT authentication is working fine after
> > configuring the security.json file. Below is the configuration I am using
> > for enabling JWT authentication.
> >
> > Security.json
> >
> > {
> >   "authentication":{
> >     "blockUnknown": false,
> >     "class":"solr.JWTAuthPlugin",
> >     "jwk":{
> >       "kty":"oct",
> >       "use":"sig",
> >       "kid":"k1",
> >       "k":"7A02618BE6943C22FD81CAB9F6FCF063B6E1732C3614BC3ACA6032B6B3215CAF0D28A34FD423423CA3AC34BEA27D3F79",
> >       "alg":"HS256"},
> >     "aud":"solr"},
> >   "authorization":{
> >     "class":"solr.RuleBasedAuthorizationPlugin",
> >     "permissions":[
> >       {
> >         "name":"all",
> >         "path":"/*",
> >         "role":"admin"
> >       }
> >     ],
> >     "user-role":{
> >       "solr":"admin"
> >     }
> >   }
> > }
> >
> > Using secret key
> > 7A02618BE6943C22FD81CAB9F6FCF063B6E1732C3614BC3ACA6032B6B3215CAF0D28A34FD423423CA3AC34BEA27D3F79
> >
> > The JWT token generated is:
> > eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhZCIsImF1ZCI6InNvbHIiLCJleHAiOjk5MTYyMzkwMjJ9.M4PksJTJ9gFjOlvvFmG1eDSyXDtKIRSGIYicIW9hwT4
> >
> > Below are the header and payload I'm using to generate the JWT token:
> >
> > The header is
> > {
> >   "alg": "HS256",
> >   "typ": "JWT"
> > }
> >
> > and the payload is
> >
> > {
> >   "sub": "admin",
> >   "aud": "Solr",
> >   "exp": 9916239022
> > }
> >
> > With the above configuration my JWT authentication is working fine. But
> > there is a problem: when a request is sent without authentication in the
> > header, the API is still retrieving data. I want to prevent that when a
> > request comes without an authentication header.
> >
> > For that, I've enabled the blockUnknown parameter in the security.json
> > file. That works fine and authentication is required for requests. But
> > after enabling the blockUnknown parameter I am facing the below exception
> > while starting Solr using the solr start command.
> >
> > ERROR: Solr requires authentication for
> > http://localhost:8983/solr/admin/info/system. Please supply valid
> > credentials. HTTP code=401
> >
> > I've googled a lot and found out that the
> > solr/admin/info/system endpoint requires authentication.
> >
> > How do I authenticate the solr/admin/info/system endpoint while starting
> > up Solr?
> >
> > Need urgent help. I'd appreciate it if someone can help me.
> >
> > Thanks
> > Lakhan Gupta
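
The rule ordering Jan describes (open paths first, catch-all rules further down), as an added example that is not part of the thread, not the contents of the gist, and not Solr's implementation. It is a simplified first-match model; the rule names, the `decide` helper, the `/admin/cores` and `/select` paths and the user `alice` are assumptions made up for illustration.

```python
# Simplified model of ordered, first-match authorization rules.
# Assumption: the first rule whose path matches decides the request.
from fnmatch import fnmatchcase

ANY_AUTHENTICATED = "*"  # special role: any authenticated user
NO_AUTH = None           # rule without a role: path needs no authentication

# Constructed rule set: whitelisted path first, blocking rules further down.
WHITELIST_FIRST = [
    {"name": "open-system-info", "path": "/admin/info/system", "role": NO_AUTH},
    {"name": "admin-only", "path": "/admin/*", "role": "admin"},
    {"name": "everything-else", "path": "/*", "role": ANY_AUTHENTICATED},
]

# Same rules with the catch-all on top: the whitelist entry is never reached.
CATCH_ALL_FIRST = [WHITELIST_FIRST[2], WHITELIST_FIRST[0], WHITELIST_FIRST[1]]


def decide(rules, path, user=None, roles=()):
    """Return (http_status, name_of_deciding_rule) for one request."""
    for rule in rules:
        if not fnmatchcase(path, rule["path"]):
            continue
        required = rule["role"]
        if required is NO_AUTH:
            return 200, rule["name"]   # open to everyone
        if user is None:
            return 401, rule["name"]   # credentials required but absent
        if required == ANY_AUTHENTICATED or required in roles:
            return 200, rule["name"]
        return 403, rule["name"]       # authenticated, but role is missing
    # Model choice: deny when nothing matches.
    return (401 if user is None else 403), None


if __name__ == "__main__":
    # Constructed requests: (path, user, roles)
    requests = [
        ("/admin/info/system", None, ()),
        ("/admin/cores", None, ()),
        ("/admin/cores", "solr", ("admin",)),
        ("/select", "alice", ()),
    ]
    for label, rules in (("whitelist first", WHITELIST_FIRST),
                         ("catch-all first", CATCH_ALL_FIRST)):
        for path, user, roles in requests:
            print(label, path, user, decide(rules, path, user, roles))
```
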