Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-4470

Support for basic http auth in internal solr requests

    Details

      Description

      We want to protect any HTTP-resource (url). We want to require credentials no matter what kind of HTTP-request you make to a Solr-node.

      It can faily easy be acheived as described on http://wiki.apache.org/solr/SolrSecurity. This problem is that Solr-nodes also make "internal" request to other Solr-nodes, and for it to work credentials need to be provided here also.

      Ideally we would like to "forward" credentials from a particular request to all the "internal" sub-requests it triggers. E.g. for search and update request.

      But there are also "internal" requests

      • that only indirectly/asynchronously triggered from "outside" requests (e.g. shard creation/deletion/etc based on calls to the "Collection API")
      • that do not in any way have relation to an "outside" "super"-request (e.g. replica synching stuff)

      We would like to aim at a solution where "original" credentials are "forwarded" when a request directly/synchronously trigger a subrequest, and fallback to a configured "internal credentials" for the asynchronous/non-rooted requests.

      In our solution we would aim at only supporting basic http auth, but we would like to make a "framework" around it, so that not to much refactoring is needed if you later want to make support for other kinds of auth (e.g. digest)

      We will work at a solution but create this JIRA issue early in order to get input/comments from the community as early as possible.

        Attachments

        1. SOLR-4470_branch_4x_r1452629.patch
          273 kB
          Per Steffensen
        2. SOLR-4470_branch_4x_r1452629.patch
          274 kB
          Per Steffensen
        3. SOLR-4470.patch
          276 kB
          Jan Høydahl
        4. SOLR-4470_branch_4x_r1454444.patch
          307 kB
          Per Steffensen
        5. SOLR-4470.patch
          356 kB
          Jan Høydahl
        6. SOLR-4470_trunk_r1568857.patch
          271 kB
          Per Steffensen
        7. SOLR-4470.patch
          333 kB
          Jan Høydahl
        8. SOLR-4470.patch
          333 kB
          Jan Høydahl
        9. SOLR-4470.patch
          276 kB
          Jan Høydahl
        10. SOLR-4470.patch
          276 kB
          Jan Høydahl
        11. SOLR-4470.patch
          276 kB
          Jan Høydahl
        12. SOLR-4470.patch
          276 kB
          Jan Høydahl
        13. SOLR-4470.patch
          277 kB
          Jan Høydahl
        14. SOLR-4470.patch
          277 kB
          Jan Høydahl
        15. SOLR-4470.patch
          277 kB
          Jan Høydahl
        16. SOLR-4470.patch
          278 kB
          Jan Høydahl

          Issue Links

            Activity

              People

              • Assignee:
                janhoy Jan Høydahl
                Reporter:
                steff1193 Per Steffensen
              • Votes:
                20 Vote for this issue
                Watchers:
                34 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: