Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Won't Fix
-
1.9
-
None
-
None
Description
The fileUrl feature in 1.9-SNAPSHOT is great! Are there plans for letting the client provide auth credentials for the request to the remote source (fileUrl)? Seems tika would need support for HTTP Basic/Digest username:password, then HTTPS certificates, and maybe AWS S3 access+secret keys. But, I guess S3 auth can be used now if the client provides a signed url.
I tried the (old and deprecated?) HTTP url syntax containing username:password, but that is apparently ignored. Tika gets a 401 and that causes tika to respond with a 500 error.
$ curl -H "fileUrl: http://user:password@example.com/foo.jpg" -H "Accept: application/json" -X PUT http://localhost:9998/meta HTTP/1.1 500 Server Error
I think it's fine to require credentials to be provided in each request, but others might want them configurable on the server, probably by domain or domain + path.
A weird alternative solution to this might be for tika to be like a proxy – pass through any Authorization: or Cookie: from the request and forward any 401/403 response from the remote source (fileUrl) to the tika client. I wonder if that might make an OAuth handler for the remote source possible/easier.
Sorry if this isn't the right place to suggest this.
Attachments
Issue Links
- relates to
-
TIKA-2081 Add back 'fileUrl' functionality to TikaJAXRS Server subject to security controls
- Resolved