Lakhan Gupta created SOLR-14056:
-----------------------------------

             Summary: Solr admin api's are not authenticated after enabling 
blockUnknown parameter in jwt authentication.
                 Key: SOLR-14056
                 URL: https://issues.apache.org/jira/browse/SOLR-14056
             Project: Solr
          Issue Type: Bug
      Security Level: Public (Default Security Level. Issues are Public)
          Components: Authentication, Authorization
    Affects Versions: 8.1.1
         Environment: solr stand
            Reporter: Lakhan Gupta


Hi, 

I am enabling jwt authentication using solr 8.1.1 in standalone mode. below is 
my security.json file. 
{code:java}
{{  "authentication":{ "blockUnknown": true,    "class":"solr.JWTAuthPlugin", 
"jwk":{      "kty":"oct",      "use":"sig",      "kid":"k1",      
"k":"7A02618BE6943C22FD81CAB9F6FCF063B6E1732C3614BC3ACA6032B6B3215CAF0D28A34FD423423CA3AC34BEA27D3F79",
      "alg":"HS256"},    "aud":"solr"},  "authorization":{      
"class":"solr.RuleBasedAuthorizationPlugin",      "permissions":[  {            
"name":"all", "path":"/*",            "role":"admin"         }      ],      
"user-role":{         "solr":"admin"      }   }}
{code}
as you can see in above code, blockunknown parameter is enabled because of that 
my solr admin/info/system api is not authenticated. 

I've read in 8.1.1 documentation as blockunknown parameter block unknown 
request. so that, my admin/info/system api causing problem. I need an urgent 
help! 

 

Really appreciate if someone can give me a quick solution.

 

Thanks 

Laksh Gupta 

 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org

Reply via email to