Package org.apache.solr.security

Class PKIAuthenticationPlugin

    • Method Detail

      • withServerIdentity

        public static void withServerIdentity​(boolean enabled)
        Mark the current thread as a server thread and set a flag in SolrRequestInfo to indicate you want to send a request as the server identity instead of as the authenticated user.
        Parameters:
        enabled - If true, enable the current thread to make requests with the server identity.
        See Also:
        SolrRequestInfo.setUseServerToken(boolean)

      • isInterceptorRegistered

        public boolean isInterceptorRegistered()

      • init

        public void init​(Map<String,​Object> pluginConfig)
        Description copied from class: AuthenticationPlugin
        This is called upon loading up of a plugin, used for setting it up.
        Specified by:
        init in class AuthenticationPlugin
        Parameters:
        pluginConfig - Config parameters, possibly from a ZK source

      • doAuthenticate

        public boolean doAuthenticate​(javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response,
                              javax.servlet.FilterChain filterChain)
                       throws Exception
        Description copied from class: AuthenticationPlugin
        This method attempts to authenticate the request. Upon a successful authentication, this must call the next filter in the filter chain and set the user principal of the request, or else, upon an error or an authentication failure, throw an exception.
        Specified by:
        doAuthenticate in class AuthenticationPlugin
        Parameters:
        request - the http request
        response - the http response
        filterChain - the servlet filter chain
        Returns:
        false if the request not be processed by Solr (not continue), i.e. the response and status code have already been sent.
        Throws:
        Exception - any exception thrown during the authentication, e.g. PrivilegedActionException

      • setup

        public void setup​(org.apache.solr.client.solrj.impl.Http2SolrClient client)
        Specified by:
        setup in interface HttpClientBuilderPlugin

      • getHttpClientBuilder

        public org.apache.solr.client.solrj.impl.SolrHttpClientBuilder getHttpClientBuilder​(org.apache.solr.client.solrj.impl.SolrHttpClientBuilder builder)
        Specified by:
        getHttpClientBuilder in interface HttpClientBuilderPlugin
        Returns:
        Returns an instance of a SolrHttpClientBuilder to be used for configuring the HttpClients for use with SolrJ clients.

      • needsAuthorization

        public boolean needsAuthorization​(javax.servlet.http.HttpServletRequest req)

      • close

        public void close()
           throws IOException
        Description copied from interface: SolrMetricProducer
        Implementations should always call SolrMetricProducer.super.close() to ensure that metrics with the same life-cycle as this component are properly unregistered. This prevents obscure memory leaks.

        from: https://docs.oracle.com/javase/8/docs/api/java/lang/AutoCloseable.html While this interface method is declared to throw Exception, implementers are strongly encouraged to declare concrete implementations of the close method to throw more specific exceptions, or to throw no exception at all if the close operation cannot fail.

        Specified by:
        close in interface AutoCloseable
        Specified by:
        close in interface SolrMetricProducer
        Throws:
        IOException

      • getPublicKey

        public String getPublicKey()