On 2023-03-22 7:24 PM, Shawn Heisey wrote:
I finally have a good grasp of exactly how rule based authorization in
Solr works. It's exceptionally flexible once you figure it out.
I've been trying to figure out whether there is any way to use Active
Directory for authentication in Solr, and if so, how in the world I
would manage mapping those users to Solr's authorization roles.
Looks like someone did it:
https://stackoverflow.com/questions/17730950/jetty-jaas-and-active-directory-authentication-only
On-prem AD is really just LDAP+SSL but I know next to nothing about
jetty so I would be tempted to put it behind an apache or nginx proxy
and off-load the auth to it. Those are well documented.
my $.02
Dima
