Lakhan Gupta created SOLR-14056: ----------------------------------- Summary: Solr admin api's are not authenticated after enabling blockUnknown parameter in jwt authentication. Key: SOLR-14056 URL: https://issues.apache.org/jira/browse/SOLR-14056 Project: Solr Issue Type: Bug Security Level: Public (Default Security Level. Issues are Public) Components: Authentication, Authorization Affects Versions: 8.1.1 Environment: solr stand Reporter: Lakhan Gupta
Hi, I am enabling jwt authentication using solr 8.1.1 in standalone mode. below is my security.json file. {code:java} {{ "authentication":{ "blockUnknown": true, "class":"solr.JWTAuthPlugin", "jwk":{ "kty":"oct", "use":"sig", "kid":"k1", "k":"7A02618BE6943C22FD81CAB9F6FCF063B6E1732C3614BC3ACA6032B6B3215CAF0D28A34FD423423CA3AC34BEA27D3F79", "alg":"HS256"}, "aud":"solr"}, "authorization":{ "class":"solr.RuleBasedAuthorizationPlugin", "permissions":[ { "name":"all", "path":"/*", "role":"admin" } ], "user-role":{ "solr":"admin" } }} {code} as you can see in above code, blockunknown parameter is enabled because of that my solr admin/info/system api is not authenticated. I've read in 8.1.1 documentation as blockunknown parameter block unknown request. so that, my admin/info/system api causing problem. I need an urgent help! Really appreciate if someone can give me a quick solution. Thanks Laksh Gupta -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org For additional commands, e-mail: issues-h...@lucene.apache.org