[
https://issues.apache.org/jira/browse/SOLR-10699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16015587#comment-16015587
]
Jan Høydahl commented on SOLR-10699:
------------------------------------
I think the way to approach user friendliness for security is much more about
tooling such as SOLR-8440 as well as API and UI support. Most users want to run
a command {{solr auth enable}} or to click a button in UI. More advanced users
will talk to our security REST api {{set-permission}} etc. Developers and
advanced users may craft their own security.json but I don't think those users
are annoyed by the class param, rather the opposite, they expect it.?
> make it optional to specify authorization plugin class name
> -----------------------------------------------------------
>
> Key: SOLR-10699
> URL: https://issues.apache.org/jira/browse/SOLR-10699
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: security
> Reporter: Noble Paul
> Assignee: Noble Paul
>
> It is unlikely that users specify anything other than
> {{"class":"solr.RuleBasedAuthorizationPlugin"}} for authorization. So , if
> nothing is specified we should take the default as
> {{solr.RuleBasedAuthorizationPlugin}}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
