[
https://issues.apache.org/jira/browse/SOLR-10699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16015461#comment-16015461
]
Jan Høydahl commented on SOLR-10699:
------------------------------------
We have uglier names in our code base without making them defaults :) This
thing is pluggable so per definition people will use other impls further down
the road. I feel this is different from choosing json as default wt; the authz
class directly dictates how to parse the remainder of the authz JSON object.
One of the benefits of Solr's plugin system is that it is quite explicit, you
can read it and understand how it is wired.
An alternative could perhaps be to let Solr's security plugins use SPI. Then
instead of removing we could replace {{class}} by, e.g. {{"impl":"rulebased"}}?
> make it optional to specify authorization plugin class name
> -----------------------------------------------------------
>
> Key: SOLR-10699
> URL: https://issues.apache.org/jira/browse/SOLR-10699
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: security
> Reporter: Noble Paul
> Assignee: Noble Paul
>
> It is unlikely that users specify anything other than
> {{"class":"solr.RuleBasedAuthorizationPlugin"}} for authorization. So , if
> nothing is specified we should take the default as
> {{solr.RuleBasedAuthorizationPlugin}}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
