Hey, I'm new to configuring Solr. I'm trying to configure Solr with Rule Based Authorization. https://lucene.apache.org/solr/guide/8_6/rule-based-authorization-plugin.html
I have permissions working if I allow everything with "all", but I want to limit access so that a site can only access its own collection, in addition to a server ping path, so I'm trying to add the collection-specific permission at the top: "permissions": [ { "name": "custom-example", "collection": "example", "path": "*", "role": [ "admin", "example" ] }, { "name": "custom-collection", "collection": "*", "path": [ "/admin/luke", "/admin/mbeans", "/admin/system" ], "role": "*" }, { "name": "custom-ping", "collection": null, "path": [ "/admin/info/system" ], "role": "*" }, { "name": "all", "role": "admin" } ] The rule "custom-ping" works, and "all" works. But when the above permissions are used, access is denied to the "example" user-role for collection "example" at the path "/solr/example/select". If I specify paths explicitly, the permissions work, but I can't get permissions to work with path wildcards for a specific collection. I also had to declare "custom-collection" with the specific paths needed to get collection info in order for those paths to work. I would've expected that these paths would be included in the collection-specific paths and be covered by the first rule, but they aren't. For example, the call to "/solr/example/admin/luke" will fail if the path is removed from this rule. I don't really want to specify every single path I might need to use. Am I using the path wildcard wrong somehow? Is there a better way to do collection-specific authorizations for a collection "example"? Thanks. - M