madrob commented on a change in pull request #2430:
URL: https://github.com/apache/lucene-solr/pull/2430#discussion_r583259647
##########
File path: solr/core/src/java/org/apache/solr/security/JWTIssuerConfig.java
##########
@@ -349,12 +349,18 @@ public HttpsJwksFactory(long jwkCacheDuration, long
refreshReprieveThreshold) {
this.jwkCacheDuration = jwkCacheDuration;
this.refreshReprieveThreshold = refreshReprieveThreshold;
}
-
+
+ /**
+ * While the class name is HttpsJwks, it actually works with plain http
formatted url as well.
+ * @param url the Url to connect to for JWK details.
+ */
private HttpsJwks create(String url) {
try {
URL jwksUrl = new URL(url);
- if (!"https".equalsIgnoreCase(jwksUrl.getProtocol())) {
- throw new SolrException(SolrException.ErrorCode.SERVER_ERROR,
PARAM_JWKS_URL + " must use HTTPS");
+ if ("http".equalsIgnoreCase(jwksUrl.getProtocol())) {
+ if (log.isWarnEnabled()) {
Review comment:
You generally don't need guard statements around warn logging - it is
almost always enabled, so we don't need to check on it like we do for more
detailed levels.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
