Package org.apache.solr.security.jwt

Class JWTAuthPlugin

java.lang.Object

org.apache.solr.security.AuthenticationPlugin

org.apache.solr.security.jwt.JWTAuthPlugin

All Implemented Interfaces:

AutoCloseable, SpecProvider, SolrInfoBean, SolrMetricProducer, ConfigEditablePlugin

public class JWTAuthPlugin
extends AuthenticationPlugin
implements SpecProvider, ConfigEditablePlugin

Authenticaion plugin that finds logged in user by validating the signature of a JWT token

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
protected static class	JWTAuthPlugin.JWTAuthenticationResponse	Response for authentication attempt

Nested classes/interfaces inherited from interface org.apache.solr.core.SolrInfoBean

SolrInfoBean.Category, SolrInfoBean.Group

Field Summary

Fields inherited from class org.apache.solr.security.AuthenticationPlugin

AUTHENTICATION_PLUGIN_PROP, HTTP_HEADER_X_SOLR_AUTHDATA, numAuthenticated, numErrors, numMissingCredentials, numPassThrough, numWrongCredentials, requests, requestTimes, solrMetricsContext, totalTime

Constructor Summary

Constructors

Constructor	Description
JWTAuthPlugin()	Initialize plugin
JWTAuthPlugin(CoreContainer coreContainer)

Method Summary

Modifier and Type	Method	Description
protected JWTAuthPlugin.JWTAuthenticationResponse	authenticate(String authorizationHeader)	Testable authentication method
void	close()
boolean	doAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)	Main authentication method that looks for correct JWT token in the Authorization header
Map<String,Object>	edit(Map<String,Object> latestConf, List<CommandOperation> commands)	Operate the commands on the latest conf and return a new conf object If there are errors in the commands , throw a SolrException.
protected String	generateAuthDataHeader()
JWTIssuerConfig	getIssuerConfigByName(String name)	Lookup issuer config by its name
List<JWTIssuerConfig>	getIssuerConfigs()
ValidatingJsonMap	getSpec()
void	init(Map<String,Object> pluginConfig)
protected boolean	interceptInternodeRequest(org.apache.http.HttpRequest httpRequest, org.apache.http.protocol.HttpContext httpContext)
protected boolean	interceptInternodeRequest(org.eclipse.jetty.client.api.Request request)

Methods inherited from class org.apache.solr.security.AuthenticationPlugin

authenticate, closeRequest, getCategory, getDescription, getName, getSolrMetricsContext, initializeMetrics, wrapWithPrincipal, wrapWithPrincipal

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JWTAuthPlugin

public JWTAuthPlugin()

Initialize plugin

JWTAuthPlugin

public JWTAuthPlugin(CoreContainer coreContainer)

Method Detail

init

public void init(Map<String,Object> pluginConfig)

Specified by:

init in class AuthenticationPlugin

doAuthenticate

public boolean doAuthenticate(javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response,
                              javax.servlet.FilterChain filterChain)
                       throws Exception

Main authentication method that looks for correct JWT token in the Authorization header

Specified by:

doAuthenticate in class AuthenticationPlugin

Throws:

Exception

authenticate

protected JWTAuthPlugin.JWTAuthenticationResponse authenticate(String authorizationHeader)

Testable authentication method

Parameters:

authorizationHeader - the http header "Authentication"

Returns:

AuthenticationResponse object

close

public void close()

Specified by:

close in interface AutoCloseable

Specified by:

close in interface SolrMetricProducer

getSpec

public ValidatingJsonMap getSpec()

Specified by:

getSpec in interface SpecProvider

edit

public Map<String,Object> edit(Map<String,Object> latestConf,
                                     List<CommandOperation> commands)

Operate the commands on the latest conf and return a new conf object If there are errors in the commands , throw a SolrException. return a null if no changes are to be made as a result of this edit. It is the responsibility of the implementation to ensure that the returned config is valid . The framework does no validation of the data

Specified by:

edit in interface ConfigEditablePlugin

Parameters:

latestConf - latest version of config

commands - the list of command operations to perform

generateAuthDataHeader

protected String generateAuthDataHeader()

interceptInternodeRequest

protected boolean interceptInternodeRequest(org.apache.http.HttpRequest httpRequest,
                                            org.apache.http.protocol.HttpContext httpContext)

Overrides:

interceptInternodeRequest in class AuthenticationPlugin

interceptInternodeRequest

protected boolean interceptInternodeRequest(org.eclipse.jetty.client.api.Request request)

Overrides:

interceptInternodeRequest in class AuthenticationPlugin

getIssuerConfigs

public List<JWTIssuerConfig> getIssuerConfigs()

getIssuerConfigByName

public JWTIssuerConfig getIssuerConfigByName(String name)

Lookup issuer config by its name

Parameters:

name - name property of config

Returns:

issuer config object or null if not found