SOLR-15073: Fix ClassCastException in SystemInfoHandler.getSecurityInfo.

cpoerschke · cpoerschke · commit 9d4811e02f0d · 2021-01-22T18:33:28.000Z
Same fix as the #2210 PR commit earlier but this time not extending SystemInfoHandlerTest and also not adding a static SystemInfoHandler.getSecurityInfo variant for test use.
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
@@ -364,6 +364,8 @@ Bug Fixes
 
 * SOLR-15070: Suggester requests made with SolrJ can now use XMLResponseParser (Jason Gerlowski)
 
+* SOLR-15073: Fix ClassCastException in SystemInfoHandler.getSecurityInfo. (Nikolay Ivanov, Christine Poerschke)
+
 * SOLR-15071: Fix ArrayIndexOutOfBoundsException in contrib/ltr SolrFeatureScorer.
   (Florin Babes, Ovidiu Mihalcea, David Smiley, Christine Poerschke)
 
diff --git a/solr/core/src/java/org/apache/solr/handler/admin/SystemInfoHandler.java b/solr/core/src/java/org/apache/solr/handler/admin/SystemInfoHandler.java
@@ -344,7 +344,7 @@ public SimpleOrderedMap<Object> getSecurityInfo(SolrQueryRequest req)
       // Mapped roles for this principal
       @SuppressWarnings("resource")
       AuthorizationPlugin auth = cc==null? null: cc.getAuthorizationPlugin();
-      if (auth != null) {
+      if (auth instanceof RuleBasedAuthorizationPluginBase) {
         RuleBasedAuthorizationPluginBase rbap = (RuleBasedAuthorizationPluginBase) auth;
         Set<String> roles = rbap.getUserRoles(req.getUserPrincipal());
         info.add("roles", roles);
