During discussion of SOLR-15770, the idea came up that the bin/solr auth enable command should model a best practices setup of security.json, with the idea that it's sometimes easier to show versus tell people how to setup security.
My wish for that default security.json
- Add three users user , admin and superadmin
- Add three roles with the same names
- Map every permission in the system to one or more of those roles
- End the chain with an all permission connected to the superadmin role
Bonus points would be to have the security.json be a template file read in by AuthTool instead of a hard to edit/understand String generated in Java. Then we could also reference this file in the Ref Guide (the way we do with some SolrJ chunks of code) and provide more detailed explanation of thinking in the Ref Guide.