On 3/24/23 20:39, Kevin Risden wrote:
I personally haven't tried it but I would guess it takes the
principal/username and you can map it to whatever roles you want using
"user-role":
https://solr.apache.org/guide/solr/latest/deployment-guide/rule-based-authorization-plugin.html#configuration-syntax
Does the hadoop ldap auth plugin provide a shortened name as described
in ref guide page on authorization? What is the significance of the
sysPropPrefix setting? Does it only affect Solr, or does it have
significance for the LDAP server?
I think this means I can't edit the security setup using the admin UI,
which is disappointing but not surprising.
Trying to think up a way to test this. I only have a Windows VM in the
target environment that I can experiment on. I don't want to modify the
actual servers until I've worked out the kinks. Maybe a docker image?
Thanks,
Shawn
