[
https://issues.apache.org/jira/browse/SOLR-11623?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jan Høydahl reassigned SOLR-11623:
----------------------------------
Assignee: Jan Høydahl
> Every request handler in Solr should implement PermissionNameProvider
> interface
> -------------------------------------------------------------------------------
>
> Key: SOLR-11623
> URL: https://issues.apache.org/jira/browse/SOLR-11623
> Project: Solr
> Issue Type: Improvement
> Affects Versions: 7.1
> Reporter: Hrishikesh Gadre
> Assignee: Jan Høydahl
> Priority: Major
>
> Solr authorization framework expects request handler to implement
> PermissionNameProvider interface so that the type of the permission for the
> request can be extracted. Currently not all request handlers implement
> PermissionNameProvider, requiring authorization plugin implementation to
> check this case explicitly and return OK. During code review of SENTRY-1475,
> this issue was discussed. Since PermissionNameProvider.Name enum provides
> "ALL" permission type, it should be possible to have every request handler to
> implement PermissionNameProvider interface and provide "ALL" permission type
> if no authorization checks are necessary.
> The secondary benefit of this work would be that we can review all the
> request handlers and ensure that we aren't missing authorization support for
> any request handlers which provide sensitive information.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
