我正在使用solr 8.1.1版本。我已经在security.json文件中实现了jwt身份验证脚本。
下面是我的带有身份验证和授权的security.json脚本
{"authentication":{
"blockUnknown":false,
"class":"solr.JWTAuthPlugin",
"jwk":{
"kty":"oct",
"use":"sig",
"kid":"k1",
"k":"10A02618BE6943C22FD81CA49F6FCF063B6E1732C3614BC3ACA6032B6B3215CAF0D28A34FD423423CA3AC34BEA27D3F79",
"alg":"HS256"},
"aud":"solr",
"adminUiScope":"solr"},"authorization":{
"class":"solr.RuleBasedAuthorizationPlugin",
"permissions":[
{
"name":"read",
"path":"/select/*",
"role":"solr-update",
"index":1},
{
"name":"all-admin",
"collection":null,
"path":"/*",
"role":"solr-update",
"index":2},
{
"name":"update",
"role":"solr-update",
"index":3},
{
"path":"/*",
"role":"solr-update",
"index":4}],
"user-role":{"solr":"solr-update"},
"":{"v":0}},"auditlogging":{
"class":"solr.SolrLogAuditLoggerPlugin",
"async":false}}
使用上述脚本,通过jwt.io生成的以下jwt令牌可以很好地进行身份验证
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJzb2xyMSIsImF1ZCI6InNvbHIiLCJleHAiOjk5MTYyMzkwMjJ9.o9mIkcLwXQPHLX4IyE2L1yW6tPlTIDUzEBh4bjHW0oSzlSkGf1ch8ibOVipMrnuZ5uR6uEm3D_IxXcFWhFcFfw
启动solr时,很少有使用身份验证执行的API。因此,由于这个原因,我想绕过/禁用它们(admin / info,admin / cores),但我无法访问solr仪表板。
在加载solr实例时,是否有任何方法可以禁用管理API。
谢谢!
