Package org.apache.solr.security

Class AuthenticationPlugin

java.lang.Object
org.apache.solr.security.AuthenticationPlugin
All Implemented Interfaces:
AutoCloseable, SolrInfoBean, SolrMetricProducer
Direct Known Subclasses:
BasicAuthPlugin, CertAuthPlugin, MultiAuthPlugin, PKIAuthenticationPlugin
public abstract class AuthenticationPlugin extends Object implements SolrInfoBean
WARNING: This API is experimental and might change in incompatible ways in the next release.

  • Field Details

  • Constructor Details

    • AuthenticationPlugin

      public AuthenticationPlugin()

  • Method Details

    • init

      public abstract void init(Map<String,Object> pluginConfig)
      This is called upon loading up of a plugin, used for setting it up.
      Parameters:
      pluginConfig - Config parameters, possibly from a ZK source

    • doAuthenticate

      public abstract boolean doAuthenticate(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws Exception
      This method attempts to authenticate the request. Upon a successful authentication, this must call the next filter in the filter chain and set the user principal of the request, or else, upon an error or an authentication failure, throw an exception.
      Parameters:
      request - the http request
      response - the http response
      filterChain - the servlet filter chain
      Returns:
      false if the request not be processed by Solr (not continue), i.e. the response and status code have already been sent.
      Throws:
      Exception - any exception thrown during the authentication, e.g. PrivilegedActionException

    • authenticate

      public final boolean authenticate(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws Exception
      This method is called by SolrDispatchFilter in order to initiate authentication. It does some standard metrics counting.
      Throws:
      Exception

    • wrapWithPrincipal

      protected jakarta.servlet.http.HttpServletRequest wrapWithPrincipal(jakarta.servlet.http.HttpServletRequest request, Principal principal)

    • wrapWithPrincipal

      protected jakarta.servlet.http.HttpServletRequest wrapWithPrincipal(jakarta.servlet.http.HttpServletRequest request, Principal principal, String username)

    • interceptInternodeRequest

      protected boolean interceptInternodeRequest(org.eclipse.jetty.client.Request request)
      Override this method to intercept internode requests. This allows your authentication plugin to decide on per-request basis whether it should handle inter-node requests or delegate to PKIAuthenticationPlugin. Return true to indicate that your plugin did handle the request, or false to signal that PKI plugin should handle it. This method will be called by PKIAuthenticationPlugin's interceptor.

      If not overridden, this method will return true for plugins implementing HttpClientBuilderPlugin. This method can be overridden by subclasses e.g. to set HTTP headers, even if you don't use a clientBuilder.

      Parameters:
      request - the httpRequest that is about to be sent to another internal Solr node
      Returns:
      true if this plugin handled authentication for the request, else false

    • closeRequest

      public void closeRequest()
      Cleanup any per request data

    • getSolrMetricsContext

      public SolrMetricsContext getSolrMetricsContext()
      Description copied from interface: SolrMetricProducer
      Implementations should return the context used in SolrMetricProducer.initializeMetrics(SolrMetricsContext, Attributes) to ensure proper cleanup of metrics at the end of the life-cycle of this component. This should be the child context if one was created, or null if the parent context was used.
      Specified by:
      getSolrMetricsContext in interface SolrMetricProducer

    • initializeMetrics

      public void initializeMetrics(SolrMetricsContext parentContext, io.opentelemetry.api.common.Attributes attributes)
      Description copied from interface: SolrMetricProducer
      Implementation should initialize all metrics to a SolrMetricsContext Registry/MeterProvider with Attributes as the common set of attributes that will be attached to every metric that is initialized for that class/component
      Specified by:
      initializeMetrics in interface SolrMetricProducer
      Parameters:
      parentContext - The registry that the component will initialize metrics to
      attributes - Base set of attributes that will be bound to all metrics for that component

    • getName

      public String getName()
      Description copied from interface: SolrInfoBean
      Simple common usage name, e.g. BasicQueryHandler, or fully qualified class name.
      Specified by:
      getName in interface SolrInfoBean

    • getDescription

      public String getDescription()
      Description copied from interface: SolrInfoBean
      Simple one or two line description
      Specified by:
      getDescription in interface SolrInfoBean

    • getCategory

      public SolrInfoBean.Category getCategory()
      Description copied from interface: SolrInfoBean
      Category of this component
      Specified by:
      getCategory in interface SolrInfoBean