Jan Høydahl created SOLR-14196:
----------------------------------
Summary: AdminUI login not working for JWTAuth when
blockUnknown=false
Key: SOLR-14196
URL: https://issues.apache.org/jira/browse/SOLR-14196
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Components: Admin UI
Affects Versions: 4.8.0, 4.8.1
Reporter: Jan Høydahl
Assignee: Jan Høydahl
When {{blockUnknown=false}} it is not the AuthenticationPlugin that sends the
HTTP response header {{WWW-Authenticate}}, but it is done by {{HttpSolrCall}}
based on a 401 response from AuthorizationPlugin.
Admin UI uses info from {{WWW-Authenticate}} header to choose what login screen
to display, and for JWT it also requires an {{X-Solr-Authinfo}} header
generated by the JWT plugin.
h3. Solution
The BasicAuth plugin solves this by storing the map of headers to set as an
attribute on ServletReuest with key {{AuthenticationPlugin}}, if we fall
through to Authorization plugin. We can do that as well with JWT plugin.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
