Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-12121

JWT Authentication plugin

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 8.1
    • Authentication
    • None

    Description

      A new Authentication plugin that will accept a Json Web Token (JWT) in the Authorization header and validate it by checking the cryptographic signature. The plugin will not perform the authentication itself but assert that the user was authenticated by the service that issued the JWT token.

      JWT defined a number of standard claims, and user principal can be fetched from the sub (subject) claim and passed on to Solr. The plugin will always check the exp (expiry) claim and optionally enforce checks on the iss (issuer) and aud (audience) claims.

      The first version of the plugin will only support RSA signing keys and will support fetching the public key of the issuer through a Json Web Key (JWK) file, either from a https URL or from local file.

      Attachments

        Issue Links

        contains

        New Feature - A new feature of the product, which has yet to be developed. SOLR-12131 Authorization plugin support for getting user's roles from the outside

        • Major - Major loss of function.
        • Closed
        is depended upon by

        Improvement - An improvement or enhancement to an existing feature or task. SOLR-13070 Add JWT Auth support in SolrJ

        • Major - Major loss of function.
        • Open

        Improvement - An improvement or enhancement to an existing feature or task. SOLR-13071 Add JWT Auth support in bin/solr

        • Major - Major loss of function.
        • Open
        is related to

        New Feature - A new feature of the product, which has yet to be developed. SOLR-12131 Authorization plugin support for getting user's roles from the outside

        • Major - Major loss of function.
        • Closed
        relates to

        New Feature - A new feature of the product, which has yet to be developed. SOLR-12791 Add Metrics reporting for AuthenticationPlugin

        • Major - Major loss of function.
        • Closed
        requires

        New Feature - A new feature of the product, which has yet to be developed. SOLR-12799 Allow Authentication Plugins to easily intercept internode requests

        • Major - Major loss of function.
        • Closed
        links to

        Web Link GitHub Pull Request #343

        Web Link GitHub Pull Request #343

        Web Link GitHub Pull Request #645

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            janhoy Jan Høydahl
            janhoy Jan Høydahl
            Votes:
            1 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 1h 40m
                1h 40m

                Slack

                  Issue deployment