org.apache.solr.security.RuleBasedAuthorizationPlugin Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of solr-core Show documentation
Show all versions of solr-core Show documentation
Apache Solr (module: core)
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.solr.security;
import static org.apache.solr.handler.admin.SecurityConfHandler.getMapValue;
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
/**
* Original implementation of Rule Based Authz plugin which configures user/role mapping in the
* security.json configuration
*/
public class RuleBasedAuthorizationPlugin extends RuleBasedAuthorizationPluginBase {
private final Map> usersVsRoles = new HashMap<>();
private boolean useShortName;
@Override
public void init(Map initInfo) {
super.init(initInfo);
Map map = getMapValue(initInfo, "user-role");
for (Object o : map.entrySet()) {
@SuppressWarnings("unchecked")
Map.Entry e = (Map.Entry) o;
String roleName = e.getKey();
usersVsRoles.put(roleName, Permission.readValueAsSet(map, roleName));
}
useShortName =
Boolean.parseBoolean(initInfo.getOrDefault("useShortName", Boolean.FALSE).toString());
}
@Override
public Set getUserRoles(AuthorizationContext context) {
if (useShortName) {
return usersVsRoles.get(context.getUserName());
} else {
return getUserRoles(context.getUserPrincipal());
}
}
/**
* Look up user's role from the explicit user-role mapping.
*
* @param principal the user Principal from the request
* @return set of roles as strings
*/
@Override
public Set getUserRoles(Principal principal) {
return usersVsRoles.get(principal.getName());
}
}