Package org.apache.solr.security.jwt
Class JWTAuthPlugin
- java.lang.Object
-
- org.apache.solr.security.AuthenticationPlugin
-
- org.apache.solr.security.jwt.JWTAuthPlugin
-
- All Implemented Interfaces:
AutoCloseable
,org.apache.solr.common.SpecProvider
,SolrInfoBean
,SolrMetricProducer
,ConfigEditablePlugin
public class JWTAuthPlugin extends AuthenticationPlugin implements org.apache.solr.common.SpecProvider, ConfigEditablePlugin
Authentication plugin that finds logged in user by validating the signature of a JWT token
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description protected static class
JWTAuthPlugin.JWTAuthenticationResponse
Response for authentication attempt-
Nested classes/interfaces inherited from interface org.apache.solr.core.SolrInfoBean
SolrInfoBean.Category, SolrInfoBean.Group
-
-
Field Summary
-
Fields inherited from class org.apache.solr.security.AuthenticationPlugin
AUTHENTICATION_PLUGIN_PROP, HTTP_HEADER_X_SOLR_AUTHDATA, numAuthenticated, numErrors, numMissingCredentials, numPassThrough, numWrongCredentials, requests, requestTimes, solrMetricsContext, totalTime
-
-
Constructor Summary
Constructors Constructor Description JWTAuthPlugin()
Initialize pluginJWTAuthPlugin(CoreContainer coreContainer)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected JWTAuthPlugin.JWTAuthenticationResponse
authenticate(String authorizationHeader)
Testable authentication methodvoid
close()
boolean
doAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)
Main authentication method that looks for correct JWT token in the Authorization headerMap<String,Object>
edit(Map<String,Object> latestConf, List<org.apache.solr.common.util.CommandOperation> commands)
Operate the commands on the latest conf and return a new conf object If there are errors in the commands , throw a SolrException.protected String
generateAuthDataHeader()
JWTIssuerConfig
getIssuerConfigByName(String name)
Lookup issuer config by its nameList<JWTIssuerConfig>
getIssuerConfigs()
org.apache.solr.common.util.ValidatingJsonMap
getSpec()
void
init(Map<String,Object> pluginConfig)
protected boolean
interceptInternodeRequest(org.apache.http.HttpRequest httpRequest, org.apache.http.protocol.HttpContext httpContext)
protected boolean
interceptInternodeRequest(org.eclipse.jetty.client.api.Request request)
-
Methods inherited from class org.apache.solr.security.AuthenticationPlugin
authenticate, closeRequest, getCategory, getDescription, getName, getSolrMetricsContext, initializeMetrics, wrapWithPrincipal, wrapWithPrincipal
-
-
-
-
Constructor Detail
-
JWTAuthPlugin
public JWTAuthPlugin()
Initialize plugin
-
JWTAuthPlugin
public JWTAuthPlugin(CoreContainer coreContainer)
-
-
Method Detail
-
init
public void init(Map<String,Object> pluginConfig)
- Specified by:
init
in classAuthenticationPlugin
-
doAuthenticate
public boolean doAuthenticate(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain) throws Exception
Main authentication method that looks for correct JWT token in the Authorization header- Specified by:
doAuthenticate
in classAuthenticationPlugin
- Throws:
Exception
-
authenticate
protected JWTAuthPlugin.JWTAuthenticationResponse authenticate(String authorizationHeader)
Testable authentication method- Parameters:
authorizationHeader
- the http header "Authentication"- Returns:
- AuthenticationResponse object
-
close
public void close()
- Specified by:
close
in interfaceAutoCloseable
- Specified by:
close
in interfaceSolrMetricProducer
-
getSpec
public org.apache.solr.common.util.ValidatingJsonMap getSpec()
- Specified by:
getSpec
in interfaceorg.apache.solr.common.SpecProvider
-
edit
public Map<String,Object> edit(Map<String,Object> latestConf, List<org.apache.solr.common.util.CommandOperation> commands)
Operate the commands on the latest conf and return a new conf object If there are errors in the commands , throw a SolrException. return a null if no changes are to be made as a result of this edit. It is the responsibility of the implementation to ensure that the returned config is valid . The framework does no validation of the data- Specified by:
edit
in interfaceConfigEditablePlugin
- Parameters:
latestConf
- latest version of configcommands
- the list of command operations to perform
-
generateAuthDataHeader
protected String generateAuthDataHeader()
-
interceptInternodeRequest
protected boolean interceptInternodeRequest(org.apache.http.HttpRequest httpRequest, org.apache.http.protocol.HttpContext httpContext)
- Overrides:
interceptInternodeRequest
in classAuthenticationPlugin
-
interceptInternodeRequest
protected boolean interceptInternodeRequest(org.eclipse.jetty.client.api.Request request)
- Overrides:
interceptInternodeRequest
in classAuthenticationPlugin
-
getIssuerConfigs
public List<JWTIssuerConfig> getIssuerConfigs()
-
getIssuerConfigByName
public JWTIssuerConfig getIssuerConfigByName(String name)
Lookup issuer config by its name- Parameters:
name
- name property of config- Returns:
- issuer config object or null if not found
-
-