我找不到有关如何仅允许单个用户访问特定 SOLR 核心的任何信息。我正在使用 SOLR7。这就是我所拥有的:
安全.json
{
"authentication": {
"blockUnknown": true,
"class": "solr.BasicAuthPlugin",
"credentials": {
"test_admin": "xxx",
"infographics": "xxx",
"test_user": "xxx"
},
"": {
"v": 0
}
},
"authorization": {
"class": "solr.RuleBasedAuthorizationPlugin",
"permissions": [
{
"name": "all",
"role": "admin",
"index": 1
},
{
"name": "update",
"role": "general",
"index": 2
},
{
"name": "read",
"role": [
"general",
"infographics",
"test_user"
],
"index": 3
},
{
"name": "collection-admin-read",
"role": "general",
"index": 4
},
{
"name": "core-admin-read",
"role": "general",
"index": 5
},
{
"name": "core-specific-permission",
"collection": "test-core",
"role": "test_user",
"before": 3,
"index": 6
}
],
"user-role": {
"test_admin": [
"admin",
"general"
],
"infographics": "infographics",
"test_user": "test_user"
},
"": {
"v": 0
}
}
}
我添加了集合“test-core”的权限:
{
"name": "core-specific-permission",
"collection": "test-core",
"role": "test_user",
"before": 3,
"index": 6
}
我test_user在调用时进行身份验证:/solr/test-core/select?q=*:*,这工作正常,但它也可以访问其他内核,例如:/solr/other-core/select?q=*:*。
如果我从读取权限中删除 test_user:
{
"name": "read",
"role": [
"general",
"infographics"
],
"index": 3
},
那么我无法查询任何核心。得到 403。因为test_user我想只允许访问这个核心/solr/test-core/select?q=*:*而不是其他任何东西。知道如何实现这一目标吗?