Isn’t jwt token just some http header? I wonder if it could be added easily by constructing a custom http client instance for solrj to use.
Also docs say that it supports multiple authentication schemes. Maybe you can use http basic and a service account just for solrj and jwt for other clients. — > On 16 Dec 2023, at 09:52, Jim Morgan <jim.mor...@nknews.org.invalid> wrote: > > I guess one option would be running it behind a proxy (nginx, varnish, > haproxy etc) and adding the authentication at that level. This also means > you can use the proxy as an SSL terminator and so secure traffic. > >> On Sat, Dec 16, 2023 at 3:03 AM Rahul Goswami <rahul196...@gmail.com> wrote: >> >> Hello, >> I am using Solr 8.11.1 in standalone mode and need to implement >> authentication for API calls. I went over the below documentation page to >> evaluate my options: >> https://solr.apache.org/guide/8_11/securing-solr.html >> >> JWTPlugin seems to be something which could be a good option. But it >> mentions that the SolrJ client doesnt support passing JWT tokens ( >> https://solr.apache.org/guide/8_11/jwt-authentication-plugin.html#jwt-soljr >> ) . Wouldn't that make the plugin practically unusable? >> >> Also, I would like to know from the community some other ways that are >> commonly prevalent for Solr authentication. I am more interested in the >> authentication piece than authorization. >> >> Thanks, >> Rahul >>
