Menu
I have Solr 8.1 installed, and I have this sample JWT
HEADER:ALGORITHM & TOKEN TYPE
{
"alg": "HS256",
"typ": "JWT"
}
PAYLOAD:DATA
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
}
The secret key is "your-256-bit-secret"
Which generates the encoded JWT of
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
I am following the documentation for Solr 8.1 about how to configure AWT authentication
https://lucene.apache.org/solr/guide/8_1/jwt-authentication-plugin.html#editing-jwt-authentication-plugin-configuration
Which says that the security.json file will have the the following JSON object
{
"authentication": {
"class":"solr.JWTAuthPlugin"
}
}
Which can have a lot more fields like jwk
Can someone show me an example of how the information for the JWT e.g
HEADER:ALGORITHM & TOKEN TYPE
{
"alg": "HS256",
"typ": "JWT"
}
PAYLOAD:DATA
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
}
can be put into this object, and what field it should use
{
"authentication": {
"class":"solr.JWTAuthPlugin"
}
}
747
asked May 15 '26 05:05
After 2 weeks I finally figured out the answer. So I wrote an article about it on my LinkedIn profile
https://www.linkedin.com/pulse/securing-solr-8x-using-jwt-authentication-plugin-tyrone-tse/
61
answered May 18 '26 07:05
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With