Do you mean, what URL argument does the Apache Solr 4.x Plugin expect to see the authenticated user ID? I would have thought you'd already need that to confirm that everything works. But in case you didn't find it anywhere, it's "AuthenticatedUserName".
Karl On Mon, Feb 18, 2013 at 9:51 AM, Bert van Hoesel <[email protected]> wrote: > Hi Karl, > > The construct this way is clear. I hoped it would be more 'transparent' to > the underlying processes. > > The next question that raises is: what is the (environment) variable name > that ManifoldCF is expecting the authenticated username in? This is for me > the 'missing' link in the setup. I have no clue what (as an example) to > 'append' to the url to convey the username to ManifoldCF. Or is this > configurable? If so where can I find it. As So far it has escaped my > attention. > > Regards, > > Bert. > > On 02/18/2013 03:33 PM, Karl Wright wrote: > > Hi Bert, > > Typically the authenticated user name would get passed from > mod-auth-kerb to Tomcat (or whatever the app server is you are running > solr under) as an argument, maybe appended to the url. It's going to > be up to you to figure out how to do that. Others may have more > concrete suggestions. > > Karl > > On Mon, Feb 18, 2013 at 9:28 AM, Bert van Hoesel <[email protected]> > wrote: > > Hi Karl, > > To be more precise. We are trying to get an 'sightly' customized Blacklight > fronted to connect to solr via ManifoldCF with authorization (obvious). > Blacklight is running from within Apache. So that would be a pre for > mod-auth-kerb. But ManifoldCF is running from within a Tomcat instance. In > this construct it is still not clear to me how and if this is going to work. > Technically, I am still missing the link between the login on Apache and the > authentication / user 'handover' to the Tomcat environment for Manifold. > > So if anyone can pitch in to describe their solution. It would be much > appreciated. > > Regards, > > Bert. > > > On 02/18/2013 03:09 PM, Karl Wright wrote: > > Hi Bert, > > Others, I hope, will chime in on this thread and let you know what > precise solutions they have adopted. But, in general, the solution > you use will depend on the environment you intend to run in. As you > point out, JAAS authentication is an option, should you be able to > find an appropriate JAAS plugin that does what you want. If you want > to do things via the Apache web server, I'd look at mod-auth-kerb > rather than mod-authz. Others, no doubt, have less generic > suggestions. > > Karl > > On Mon, Feb 18, 2013 at 9:03 AM, Bert van Hoesel <[email protected]> > wrote: > > Hi, > > At the moment for the most part it is clear how to install, configure and > populate manifoldcd and solr with authorized data. Using the added > Manifoldcf 'search' url I can see I do not have access to any 'authorized' > documents. Indeed I only see the non authorized documents. > > Thus the next step would be an authentication mechanism on top of this. I > have been looking 'around' but was not able to find enough pointers on how > to accomplish this. Two 'obvious' paths seem to be available: JAAS or apache > mod_authz. But maybe other solutions exists. Most preferable options are > those with minimal (java) programming. > > Biggest issue at the moment is that I can not figure out how authentication > data is propagated into ManifoldCF. > > Can anybody point me to some howtoo's or documentation of some kind on how > to accomplish this authentication on top of ManifoldCF. > > Thanks in advance. > > Regards, > > Bert. > > >
