Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-14440

Provide Certificate Authentication Plugin

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 9.0
    • security
    • None

    Description

      As described in this comment on SOLR-4407, while we support Client SSL certificates we do not have a way to use them with authentication and authorization in an end-to-end fashion.

      Specifically, we don't have an easy (or any?) way to load the certificate subject via a user principal into the AuthorizationContext.

      The work in SOLR-10814 would also be good here, since the subject can have much more than just the CN, for example it can have locations and organizational units. C=US, ST=California, L=San Francisco, O=Wikimedia Foundation, Inc., CN=*.wikipedia.org

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            mdrob Mike Drob
            mdrob Mike Drob
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 50m
                50m

                Slack

                  Issue deployment