Additional option for Search Services to authenticate with a shared secret
The tracking REST APIs in content repository now have an option to use a shared secret to authenticate.
This a a simple method to protect the API and not expose the APIs unprotected ().
Implement a new authentication method in SS and IE
Shared secret should be able to be set as an environment variable or similar without a property file.
Add integration tests
Note, the implementation on the repository side: https://github.com/Alfresco/alfresco-community-repo/pull/334
It is supported from ACS 7.0
Using parameter -Dsolr.sharedSecret=secret for ACS 7.0.0 provokes an Exception during initialisation that prevents the Repository to be started.
Currently repository is accepting requests from SOLR using “secret” authentication, but it’s not sending requests to SOLR using this new authentication.
It’s also required to develop this part in Repo side along with the SOLR support for “secret” authentication.
Ticket has been resized to 20 points.