GitHub user janhoy opened a pull request:
SOLR-9481: Authentication and Authorization plugins support for non-cloud
Adds ability to use Auth/Autz plugins in standalone non-cloud mode.
- Place `security.json` in $SOLR_HOME
- Solr will initialise plugins from local file
- Edits through API `/solr/admin/authentication` and `/solr/admin/authorization`supported
- Each edit will update local copy of `security.json` and reload security config
- If you have several nodes in master/slave setup, need to perform the edit on each node
- Refactored `SecurityConfHandler`into a base class independent of ZK. Each sub class overrides methods `getSecurityConfig`, `getConf`, `persistConf` and `securityConfEdited`:
- `SecurityConfHandlerZk` is instantiated if zkAware
- `SecurityConfHandlerLocal` is instantiated if in local mode, reads/writes local file in SOLR_HOME
- In local mode there is no callback when `security.json` changes, so `SecurityConfHandlerLocal` explicitly reloads security configs in its `securityConfEdited()` method
- `MockSecurityHandler` used in tests persists to in-memory Map
- New object `SecurityConfig` to hold security config, since `ZkStateReader.ConfigData` is tied to ZK.
- New test case `BasicAuthStandaloneTest` spins up Jetty, writes local `security.json` through the persistConf API, adds a user through edit API, validates that permission is enforced and that local file contains user name.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/cominvent/lucene-solr solr9481
Alternatively you can review and apply these changes as the patch at:
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #95
Author: Jan Høydahl <firstname.lastname@example.org>
SOLR-9481: Authentication and Authorization plugins now work in standalone mode, including edit API