我找不到有关如何仅允许单个用户访问特定SOLR内核的任何信息。我正在使用SOLR7。这就是我所拥有的:
security.json
{
"authentication": {
"blockUnknown": true,
"class": "solr.BasicAuthPlugin",
"credentials": {
"test_admin": "xxx",
"infographics": "xxx",
"test_user": "xxx"
},
"": {
"v": 0
}
},
"authorization": {
"class": "solr.RuleBasedAuthorizationPlugin",
"permissions": [
{
"name": "all",
"role": "admin",
"index": 1
},
{
"name": "update",
"role": "general",
"index": 2
},
{
"name": "read",
"role": [
"general",
"infographics",
"test_user"
],
"index": 3
},
{
"name": "collection-admin-read",
"role": "general",
"index": 4
},
{
"name": "core-admin-read",
"role": "general",
"index": 5
},
{
"name": "core-specific-permission",
"collection": "test-core",
"role": "test_user",
"before": 3,
"index": 6
}
],
"user-role": {
"test_admin": [
"admin",
"general"
],
"infographics": "infographics",
"test_user": "test_user"
},
"": {
"v": 0
}
}
}
我添加了一个收集“ test-core”的权限:
{
"name": "core-specific-permission",
"collection": "test-core",
"role": "test_user",
"before": 3,
"index": 6
}
我在调用test_user时使用/solr/test-core/select?q=*:*进行身份验证,这可以正常工作,但它也可以访问其他内核,例如:/solr/other-core/select?q=*:*。
如果我从读取权限中删除了test_user:
{
"name": "read",
"role": [
"general",
"infographics"
],
"index": 3
},
然后我无法查询任何核心。得到403。对于test_user,我只想允许访问此核心/solr/test-core/select?q=*:*,而不能访问其他任何内容。知道如何实现吗?