lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aziz Gaou <gaoua...@gmail.com>
Subject Re: Securing solr 5.2 basic auth permission rules
Date Thu, 17 Sep 2015 09:54:42 GMT
thank you so much for your reply,

Now, i try to protect Apache Solr 5 admin with jetty, when I change

1) sudo nano /opt/solr/server/etc/webdefault.xml


<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app ......>

<!-- only the relevant addition is listed here -->

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Solr</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>search-role</role-name>
  </auth-constraint>
</security-constraint>

<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Solr Realm</realm-name>
</login-config>

</web-app>

2) i changed too "*jetty.xml *
<https://gist.github.com/jstrassburg/9777027#file-jetty-xml> " and "
*realm.properties*
<https://gist.github.com/jstrassburg/9777027#file-realm-properties>"

3) the following message will appear on browser:

 - http://localhost:8983/solr/


HTTP ERROR: 503

Problem accessing /solr/. Reason:

    Service Unavailable

------------------------------
*Powered by Jetty://*


Thanks for your help

2015-09-16 18:58 GMT+00:00 Anshum Gupta <anshum@anshumgupta.net>:

> Basic authentication (and the API support, that you're trying to use) was
> only released with 5.3.0 so it wouldn't work with 5.2.
> 5.2 only had the authentication and authorization frameworks, and shipped
> with Kerberos authentication plugin out of the box.
>
> There are a few known issues with that though, and a 5.3.1 release is just
> around the corner.
>
> On Wed, Sep 16, 2015 at 10:11 AM, Aziz Gaou <gaouaziz@gmail.com> wrote:
>
> > Hi,
> >
> > I try to follow:
> >
> >
> https://cwiki.apache.org/confluence/display/solr/Basic+Authentication+Plugin
> > ,
> > to protect Solr 5.2 Admin with password, but I have not been able to
> > secure.
> >
> > 1) When I run the following command:
> >
> > curl --user solr:SolrRocks
> http://localhost:8983/solr/admin/authentication
> > -H 'Content-type:application/json'-d '{
> >   "set-user": {"tom" : "TomIsCool" }}'
> >
> > no update on the file security.json
> >
> > 2) I launched the following 2 commands:
> >
> > curl --user solr:SolrRocks
> http://localhost:8983/solr/admin/authorization
> > -H 'Content-type:application/json'-d '{"set-permission": {
> > "name":"updates", "collection":"MyCollection", "role": "dev"}}'
> >
> > curl --user solr:SolrRocks
> http://localhost:8983/solr/admin/authorization
> > -H 'Content-type:application/json' -d '{ "set-user-role":
> {"tom":["dev"}}'
> >
> > always MyCollection is not protected.
> >
> >
> > thank you for your help.
> >
>
>
>
> --
> Anshum Gupta
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message