From solr-user-return-141863-archive-asf-public=cust-asf.ponee.io@lucene.apache.org  Fri Jun 15 19:14:25 2018
Return-Path: <solr-user-return-141863-archive-asf-public=cust-asf.ponee.io@lucene.apache.org>
X-Original-To: archive-asf-public@cust-asf.ponee.io
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by mx-eu-01.ponee.io (Postfix) with SMTP id E07A9180636
	for <archive-asf-public@cust-asf.ponee.io>; Fri, 15 Jun 2018 19:14:24 +0200 (CEST)
Received: (qmail 40283 invoked by uid 500); 15 Jun 2018 17:14:23 -0000
Mailing-List: contact solr-user-help@lucene.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:solr-user-help@lucene.apache.org>
List-Unsubscribe: <mailto:solr-user-unsubscribe@lucene.apache.org>
List-Post: <mailto:solr-user@lucene.apache.org>
List-Id: <solr-user.lucene.apache.org>
Reply-To: solr-user@lucene.apache.org
Delivered-To: mailing list solr-user@lucene.apache.org
Received: (qmail 40271 invoked by uid 99); 15 Jun 2018 17:14:22 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd4-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 15 Jun 2018 17:14:22 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 0EFFAC02EB
	for <solr-user@lucene.apache.org>; Fri, 15 Jun 2018 17:14:22 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001,
	SPF_PASS=-0.001] autolearn=disabled
Authentication-Results: spamd4-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=kattare.com
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024)
	with ESMTP id Bm1tkMFOb5go for <solr-user@lucene.apache.org>;
	Fri, 15 Jun 2018 17:14:21 +0000 (UTC)
Received: from pyramid-04.kattare.com (pyramid-04.kattare.com [65.212.180.211])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id AA4FD5F42E
	for <solr-user@lucene.apache.org>; Fri, 15 Jun 2018 17:14:20 +0000 (UTC)
Received: from [10.0.1.23] (208-107-174-117-dynamic.midco.net [208.107.174.117])
	by pyramid-04.kattare.com (Postfix) with ESMTPSA id 078B48A003C
	for <solr-user@lucene.apache.org>; Fri, 15 Jun 2018 10:14:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kattare.com;
	s=pyramid-04.kattare.com2014; t=1529082853;
	bh=bXLR5QKlL0NgusPdjGQUzNlxgZTEd0B6UmkipoKzQZk=;
	h=Subject:References:To:From:Date:In-Reply-To:From;
	b=YZNZnqG7tofM2+XcQxvR+arEgz2GVHVBTHh0Be8rxVbwMMVXdggCTfFJp9xshy82U
	 fmj4W8XQC3dPSBPRhBJmO/SQHVJKqESn7JhEGmUr9R38YcYUww0U0nrBWzMDyUW93I
	 jsRsXBFajKkvOPcH3c2m4VDezri2t+snxX7Q9JBcdIUWicyZJwTfVo6b1ypOA2Jj74
	 AWf/eZ+mbto4FnsV2ayUN5O+WYTTjedsDBa6vnIUQ6hDOG/W6vK+TEegw/kVIKZJKe
	 69kwo6L4XhHnJ1GdwkoHf+xrpRpD+ZLBXfiEwJeR88oYf4MYWSxvTI6WfNqSWSIHYo
	 AM8rxm8gt/Y+w==
Subject: Re: Solr basic auth
References: <CAP-m_hFO__LPNr7gU=Jy85ZGQF0SE23N-qd0HR+_x3KK8C6LZQ@mail.gmail.com>
 <C86C49E5-5E6A-4371-8909-CBD4A98787ED@cominvent.com>
To: solr-user@lucene.apache.org
From: Terry Steichen <terry@net-frame.com>
Message-ID: <d0ce921d-b174-e57f-12fa-8ececcffa9d7@net-frame.com>
Date: Fri, 15 Jun 2018 13:12:10 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.8.0
MIME-Version: 1.0
In-Reply-To: <C86C49E5-5E6A-4371-8909-CBD4A98787ED@cominvent.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Content-Language: en-US

"When authentication is enabled ALL requests must carry valid
credentials."  I believe this behavior depends on the value you set for
the *blockUnknown* authentication parameter.


On 06/15/2018 06:25 AM, Jan Høydahl wrote:
> When authentication is enabled ALL requests must carry valid credentials.
>
> Are you asking for a feature where a request is authenticated based on IP address of the client, not username/password?
>
> Jan
>
> Sendt fra min iPhone
>
>> 14. jun. 2018 kl. 22:24 skrev Dinesh Sundaram <sdineshroshan@gmail.com>:
>>
>> Hi,
>>
>> I have configured basic auth for solrcloud. it works well when i access the
>> solr url directly. i have integrated this solr with test.com domain. now if
>> I access the solr url like test.com/solr it prompts the credentials but I
>> dont want to ask this time since it is known domain. is there any way to
>> achieve this. much appreciate your quick response.
>>
>> my security json below. i'm using the default security, want to allow my
>> domain default without prompting any credentials.
>>
>> {"authentication":{
>>   "blockUnknown": true,
>>   "class":"solr.BasicAuthPlugin",
>>   "credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
>> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
>> },"authorization":{
>>   "class":"solr.RuleBasedAuthorizationPlugin",
>>   "permissions":[{"name":"security-edit",
>>      "role":"admin"}],
>>   "user-role":{"solr":"admin"}
>> }}