Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Solr: configure basic authentication #1031

Open
6 tasks
WalterMoar opened this issue Oct 17, 2018 · 0 comments
Open
6 tasks

Solr: configure basic authentication #1031

WalterMoar opened this issue Oct 17, 2018 · 0 comments
Assignees
@WalterMoar
Labels
pipeline: solr Security Relating to the security framework (KeyCloak) SOLR Relating to SOLR
Milestone
Sprint 17

Comments

@WalterMoar
Copy link
Contributor

WalterMoar commented Oct 17, 2018
edited
Loading

Task (Use for Work not Directly related to a Story but supports the Sprint Goals)

Detailed Description

The Solr instances need to be secured so that only authorized users have access. Although it would be ideal to have this done using Keycloak, that is not straightforward. In the interim we will use basic authentication, which is much more easily configured.

The NAMEX API, Solr feeder, and Admin App will all need to be updated to provide credentials on their calls to the Solr API. This will be tracked with other tickets.

Use the following for the security.json file:

{
    "authentication":
    {
        "blockUnknown": true,
        "class": "solr.BasicAuthPlugin",
        "credentials":
        {
            "feeder": "[HASHES]",
            "namex_api": "[HASHES]",
            "solr_adm": "[HASHES]"
        }
    },
    "authorization":
    {
        "class": "solr.RuleBasedAuthorizationPlugin",
        "permissions":
        [
            {
                "name": "all",
                "role": "admin"
            },
            {
                "name": "read",
                "role": "api-read"
            },
            {
                "name": "TBD",
                "role": "core-reload"
            }
        ],
        "user-role":
        {
            "feeder": "core-reload",
            "namex_api": "api-read",
            "solr_adm": "admin",
        }
    }
}
Sprint Goal
Acceptance Criteria

Solr cannot be accessed unless credentials are supplied.
Documentation is updated.

Definition of Done (:one:-Mandatory to add to the Backlog, :two:-Mandatory to add to the Sprint Backlog)
  • Acceptance Criteria Defined 1️⃣
  • Estimate 2️⃣
  • Priority Label 1️⃣
  • Task Label 1️⃣
  • Assignee 2️⃣
  • Sprint Goal (in line with the goal of the sprint) 2️⃣
@WalterMoar WalterMoar self-assigned this Oct 17, 2018
@WalterMoar WalterMoar added Security Relating to the security framework (KeyCloak) SOLR Relating to SOLR labels Oct 17, 2018
@WalterMoar WalterMoar added this to the Sprint 17 milestone Oct 17, 2018
@WalterMoar WalterMoar assigned rarmitag and WalterMoar and unassigned WalterMoar and rarmitag Oct 23, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@WalterMoar WalterMoar

Labels
pipeline: solr Security Relating to the security framework (KeyCloak) SOLR Relating to SOLR
Projects
None yet
Milestone
Sprint 17
Development

No branches or pull requests
2 participants
@WalterMoar @rarmitag