Thanks for your responses. Good pointers on setting the header at request and client level. I might just go with Ufuk's tip and set the JWT token in the HttpClient and pass it in the withHttpClient() method of the Builder while building the SolrClient.
Having said that, would still be interested in knowing the different ways users implement authentication for their Solr installations. Thanks, Rahul On Sun, Dec 17, 2023 at 6:53 PM Jan Høydahl <jan....@cominvent.com> wrote: > The SolrRequest supports addHeader(), so you may be able to add the JWT > header to the request, then call mySolrRequest.process(myHttpSolrClient) > > Jan > > > 16. des. 2023 kl. 08:46 skrev ufuk yılmaz <uyil...@vivaldi.net.INVALID>: > > > > Isn’t jwt token just some http header? I wonder if it could be added > easily by constructing a custom http client instance for solrj to use. > > > > Also docs say that it supports multiple authentication schemes. Maybe > you can use http basic and a service account just for solrj and jwt for > other clients. > > > > — > > > >> On 16 Dec 2023, at 09:52, Jim Morgan <jim.mor...@nknews.org.invalid> > wrote: > >> > >> I guess one option would be running it behind a proxy (nginx, varnish, > >> haproxy etc) and adding the authentication at that level. This also > means > >> you can use the proxy as an SSL terminator and so secure traffic. > >> > >>> On Sat, Dec 16, 2023 at 3:03 AM Rahul Goswami <rahul196...@gmail.com> > wrote: > >>> > >>> Hello, > >>> I am using Solr 8.11.1 in standalone mode and need to implement > >>> authentication for API calls. I went over the below documentation page > to > >>> evaluate my options: > >>> https://solr.apache.org/guide/8_11/securing-solr.html > >>> > >>> JWTPlugin seems to be something which could be a good option. But it > >>> mentions that the SolrJ client doesnt support passing JWT tokens ( > >>> > https://solr.apache.org/guide/8_11/jwt-authentication-plugin.html#jwt-soljr > >>> ) . Wouldn't that make the plugin practically unusable? > >>> > >>> Also, I would like to know from the community some other ways that are > >>> commonly prevalent for Solr authentication. I am more interested in the > >>> authentication piece than authorization. > >>> > >>> Thanks, > >>> Rahul > >>> > > > >
