Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-15296

Provide allowlisting mechanism in the auth plugin to ignore paths like login

    XMLWordPrintableJSON

Details

    • Wish
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Authorization, Plugin system
    • None

    Description

      I'm recently working (with epugh ) on YASA to make it work under the auth plugins.
       
      I saw in the codes that the authenticator allowlists the Admin login path `/solr/` explicitly, while for YASA, its path must start with `/v2` , not matching the whitelisted paths and will be intercepted, hence the login page won't be reached and redirected, I also didn't find a allowlisting mechanism in the JWT auth plugin, and RBAP doesn't seem to fit this case either. So I'm wondering if it's possible to provide allowlisting mechanism in the JWT auth plugin, so that users can configure the login paths for plugins like YASA to work?
       

      Attachments

        Issue Links

          is duplicated by

          Wish - General wishlist item. SOLR-15295 Provide allowlisting mechanism in the JWT auth plugin to ignore paths like login

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              epugh Eric Pugh
              kezhenxu94 Zhenxu Ke
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: