Solr
  1. Solr
  2. SOLR-4470

Support for basic http auth in internal solr requests

    Details

      Description

      We want to protect any HTTP-resource (url). We want to require credentials no matter what kind of HTTP-request you make to a Solr-node.

      It can faily easy be acheived as described on http://wiki.apache.org/solr/SolrSecurity. This problem is that Solr-nodes also make "internal" request to other Solr-nodes, and for it to work credentials need to be provided here also.

      Ideally we would like to "forward" credentials from a particular request to all the "internal" sub-requests it triggers. E.g. for search and update request.

      But there are also "internal" requests

      • that only indirectly/asynchronously triggered from "outside" requests (e.g. shard creation/deletion/etc based on calls to the "Collection API")
      • that do not in any way have relation to an "outside" "super"-request (e.g. replica synching stuff)

      We would like to aim at a solution where "original" credentials are "forwarded" when a request directly/synchronously trigger a subrequest, and fallback to a configured "internal credentials" for the asynchronous/non-rooted requests.

      In our solution we would aim at only supporting basic http auth, but we would like to make a "framework" around it, so that not to much refactoring is needed if you later want to make support for other kinds of auth (e.g. digest)

      We will work at a solution but create this JIRA issue early in order to get input/comments from the community as early as possible.

      1. SOLR-4470.patch
        276 kB
        Jan Høydahl
      2. SOLR-4470.patch
        356 kB
        Jan Høydahl
      3. SOLR-4470.patch
        333 kB
        Jan Høydahl
      4. SOLR-4470.patch
        333 kB
        Jan Høydahl
      5. SOLR-4470.patch
        276 kB
        Jan Høydahl
      6. SOLR-4470.patch
        276 kB
        Jan Høydahl
      7. SOLR-4470.patch
        276 kB
        Jan Høydahl
      8. SOLR-4470.patch
        276 kB
        Jan Høydahl
      9. SOLR-4470.patch
        277 kB
        Jan Høydahl
      10. SOLR-4470.patch
        277 kB
        Jan Høydahl
      11. SOLR-4470.patch
        277 kB
        Jan Høydahl
      12. SOLR-4470.patch
        278 kB
        Jan Høydahl
      13. SOLR-4470_trunk_r1568857.patch
        271 kB
        Per Steffensen
      14. SOLR-4470_branch_4x_r1454444.patch
        307 kB
        Per Steffensen
      15. SOLR-4470_branch_4x_r1452629.patch
        273 kB
        Per Steffensen
      16. SOLR-4470_branch_4x_r1452629.patch
        274 kB
        Per Steffensen

        Issue Links

          Activity

          No work has yet been logged on this issue.

            People

            • Assignee:
              Jan Høydahl
              Reporter:
              Per Steffensen
            • Votes:
              20 Vote for this issue
              Watchers:
              34 Start watching this issue

              Dates

              • Created:
                Updated:

                Development