On 3/22/2023 6:56 PM, dmitri maziuk wrote:
Looks like someone did it:
https://stackoverflow.com/questions/17730950/jetty-jaas-and-active-directory-authentication-only
On-prem AD is really just LDAP+SSL but I know next to nothing about
jetty so I would be tempted to put it behind an apache or nginx proxy
and off-load the auth to it. Those are well documented.
I want to use Solr's authorization capability, so I don't think
configuring auth in Jetty is what I want at all. Same goes for any kind
of proxy layer. I could probably teach a proxy how to do the
authorization I want, but I really don't want to reinvent the wheel that
has already been built into Solr. It would be a TON of work.
Thanks,
Shawn
