Adding Basic Auth to allow access to secured URL's

[EricMeeks]

Want to use this to proxy to a SOLR instance that is protected by basis auth. Would like it so that some configured username/password set of credentials is added every time I proxy into SOLR. Can probably add this myself, but is this a feature that others might want?

Note that I will be protecting this Servlet in other ways (Shibboleth or LDAP stuff) so I'm not going to be exposing a locked down SOLR instance in an unprotected way. Really, I'm just trying to use this to add more security flexibility into SOLR.

[dsmiley]

Sounds useful! PR welcome.

[EricMeeks]

Hello again. Just want to write to thank you and let you know that we did modify your code to allow various basic auth users to access the proxy, which then uses a single system level basic auth user to access a protected API (Apache SOLR in our case). It was only a few tweaks of code to make this happen. This is the product https://project-emerse.org/ We’ve only done this for our UCSF version of the code, but we are giving a presentation on Thursday to the EMERSE community where we will talk about a bunch of things including the use of your proxy to manage SOLR access in a HIPAA compliant manner. I expect some others will want this as well at some point. Thanks! Eric From: David Smiley ***@***.***> Sent: Wednesday, May 19, 2021 3:08 PM To: mitre/HTTP-Proxy-Servlet ***@***.***> Cc: Meeks, Eric ***@***.***>; Author ***@***.***> Subject: Re: [mitre/HTTP-Proxy-Servlet] Adding Basic Auth to allow access to secured URL's (#201) Sounds useful! PR welcome. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe. ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ‍ ZjQcmQRYFpfptBannerStart This Message Is From an External Sender This message came from outside your organization. ZjQcmQRYFpfptBannerEnd Sounds useful! PR welcome. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub<https://urldefense.com/v3/__https:/github.com/mitre/HTTP-Proxy-Servlet/discussions/201*discussioncomment-760773__;Iw!!LQC6Cpwp!9GK-1iK-TSQB-bDRhcA-E4_HphIDqUCfBda6x1XhX-MbCRIL3gotHExrECnfvdAsGA$>, or unsubscribe<https://urldefense.com/v3/__https:/github.com/notifications/unsubscribe-auth/AAJQFS4GW3GBHCA6L3BHF2TTOQZENANCNFSM45FPFZVA__;!!LQC6Cpwp!9GK-1iK-TSQB-bDRhcA-E4_HphIDqUCfBda6x1XhX-MbCRIL3gotHExrECkdBoS0DA$>.