Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-14440

Provide Certificate Authentication Plugin

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: master (9.0)
    • Component/s: security
    • Labels:
      None

      Description

      As described in this comment on SOLR-4407, while we support Client SSL certificates we do not have a way to use them with authentication and authorization in an end-to-end fashion.

      Specifically, we don't have an easy (or any?) way to load the certificate subject via a user principal into the AuthorizationContext.

      The work in SOLR-10814 would also be good here, since the subject can have much more than just the CN, for example it can have locations and organizational units. C=US, ST=California, L=San Francisco, O=Wikimedia Foundation, Inc., CN=*.wikipedia.org

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mdrob Mike Drob
                Reporter:
                mdrob Mike Drob
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 50m
                  50m