Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-12120

New plugin type AuditLoggerPlugin

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 8.1
    • security
    • None

    Description

      Solr needs a well defined plugin point to implement audit logging functionality, which is independent from whatever AuthenticationPlugin or AuthorizationPlugin are in use at the time.

      It seems reasonable to introduce a new plugin type AuditLoggerPlugin. It could be configured in solr.xml or it could be a third type of plugin defined in security.json, i.e.

      {
  "authentication" : { "class" : ... },
  "authorization" : { "class" : ... },
  "auditlogging" : { "class""x.y.MyAuditLogger", ... }
}

      We could then instrument SolrDispatchFilter to the audit plugin with an AuditEvent at important points such as successful authentication:

      auditLoggerPlugin.audit(new SolrAuditEvent(EventType.AUTHENTICATED, request)); 

       We will mark the impl as @lucene.experimental in the first release to let it settle as people write their own plugin implementations.

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. SOLR-13465 CoreContainer.auditloggerPlugin should be volatile

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          is related to

          New Feature - A new feature of the product, which has yet to be developed. SENTRY-1475 Integrate Sentry with Solr 7 authorization framework

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. SOLR-11781 Pass impersonator info to the authorization plugin

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open
          is required by

          Improvement - An improvement or enhancement to an existing feature or task. SOLR-13371 Re-structure and clarify Security chapters in Ref Guide

          • Major - Major loss of function.
          • Closed
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. SOLR-12055 Enable async logging by default

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          links to

          Web Link GitHub Pull Request #342

          Web Link GitHub Pull Request #342

          Activity

            People

              janhoy Jan Høydahl
              janhoy Jan Høydahl
              Votes:
              2 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 3h 10m
                  3h 10m