Hi Karl, The construct this way is clear. I hoped it would be more 'transparent' to the underlying processes.
The next question that raises is: what is the (environment) variable name that ManifoldCF is expecting the authenticated username in? This is for me the 'missing' link in the setup. I have no clue what (as an example) to 'append' to the url to convey the username to ManifoldCF. Or is this configurable? If so where can I find it. As So far it has escaped my attention. Regards, Bert. On 02/18/2013 03:33 PM, Karl Wright wrote: Hi Bert, Typically the authenticated user name would get passed from mod-auth-kerb to Tomcat (or whatever the app server is you are running solr under) as an argument, maybe appended to the url. It's going to be up to you to figure out how to do that. Others may have more concrete suggestions. Karl On Mon, Feb 18, 2013 at 9:28 AM, Bert van Hoesel <[email protected]><mailto:[email protected]> wrote: Hi Karl, To be more precise. We are trying to get an 'sightly' customized Blacklight fronted to connect to solr via ManifoldCF with authorization (obvious). Blacklight is running from within Apache. So that would be a pre for mod-auth-kerb. But ManifoldCF is running from within a Tomcat instance. In this construct it is still not clear to me how and if this is going to work. Technically, I am still missing the link between the login on Apache and the authentication / user 'handover' to the Tomcat environment for Manifold. So if anyone can pitch in to describe their solution. It would be much appreciated. Regards, Bert. On 02/18/2013 03:09 PM, Karl Wright wrote: Hi Bert, Others, I hope, will chime in on this thread and let you know what precise solutions they have adopted. But, in general, the solution you use will depend on the environment you intend to run in. As you point out, JAAS authentication is an option, should you be able to find an appropriate JAAS plugin that does what you want. If you want to do things via the Apache web server, I'd look at mod-auth-kerb rather than mod-authz. Others, no doubt, have less generic suggestions. Karl On Mon, Feb 18, 2013 at 9:03 AM, Bert van Hoesel <[email protected]><mailto:[email protected]> wrote: Hi, At the moment for the most part it is clear how to install, configure and populate manifoldcd and solr with authorized data. Using the added Manifoldcf 'search' url I can see I do not have access to any 'authorized' documents. Indeed I only see the non authorized documents. Thus the next step would be an authentication mechanism on top of this. I have been looking 'around' but was not able to find enough pointers on how to accomplish this. Two 'obvious' paths seem to be available: JAAS or apache mod_authz. But maybe other solutions exists. Most preferable options are those with minimal (java) programming. Biggest issue at the moment is that I can not figure out how authentication data is propagated into ManifoldCF. Can anybody point me to some howtoo's or documentation of some kind on how to accomplish this authentication on top of ManifoldCF. Thanks in advance. Regards, Bert.
