Class JWTAuthPlugin

java.lang.Object
org.apache.solr.security.AuthenticationPlugin
org.apache.solr.security.jwt.JWTAuthPlugin
All Implemented Interfaces:
AutoCloseable, org.apache.solr.common.SpecProvider, SolrInfoBean, SolrMetricProducer, ConfigEditablePlugin

public class JWTAuthPlugin extends AuthenticationPlugin implements org.apache.solr.common.SpecProvider, ConfigEditablePlugin
Authentication plugin that finds the logged-in user by validating the signature of a JWT token.
  • Constructor Details

    • JWTAuthPlugin

      public JWTAuthPlugin()
      Initialize plugin
    • JWTAuthPlugin

      public JWTAuthPlugin(CoreContainer coreContainer)
  • Method Details

    • init

      public void init(Map<String,Object> pluginConfig)
      Specified by:
      init in class AuthenticationPlugin
    • registerTokenEndpointForCsp

      protected void registerTokenEndpointForCsp()
      Records the issuer token URL as a system property so it can be picked up and sent to the Admin UI as CSP.
    • doAuthenticate

      public boolean doAuthenticate(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws Exception
      Main authentication method that looks for a correct JWT token in the Authorization header.
      Specified by:
      doAuthenticate in class AuthenticationPlugin
      Throws:
      Exception
    • authenticate

      protected JWTAuthPlugin.JWTAuthenticationResponse authenticate(String authorizationHeader)
      Testable authentication method
      Parameters:
      authorizationHeader - the HTTP header "Authorization"
      Returns:
      AuthenticationResponse object
    • close

      public void close()
      Specified by:
      close in interface AutoCloseable
      Specified by:
      close in interface SolrMetricProducer
    • getSpec

      public org.apache.solr.common.util.ValidatingJsonMap getSpec()
      Specified by:
      getSpec in interface org.apache.solr.common.SpecProvider
    • edit

      public Map<String,Object> edit(Map<String,Object> latestConf, List<org.apache.solr.common.util.CommandOperation> commands)
      Operate the commands on the latest conf and return a new conf object. If there are errors in the commands, throw a SolrException. Return null if no changes are to be made as a result of this edit. It is the responsibility of the implementation to ensure that the returned config is valid. The framework does no validation of the data.
      Specified by:
      edit in interface ConfigEditablePlugin
      Parameters:
      latestConf - latest version of config
      commands - the list of command operations to perform
    • generateAuthDataHeader

      protected String generateAuthDataHeader()
    • interceptInternodeRequest

      protected boolean interceptInternodeRequest(org.eclipse.jetty.client.Request request)
      Overrides:
      interceptInternodeRequest in class AuthenticationPlugin
    • getIssuerConfigs

      public List<JWTIssuerConfig> getIssuerConfigs()
    • getIssuerConfigByName

      public JWTIssuerConfig getIssuerConfigByName(String name)
      Lookup issuer config by its name
      Parameters:
      name - name property of config
      Returns:
      issuer config object or null if not found