[
https://issues.apache.org/jira/browse/SOLR-8408?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15056774#comment-15056774
]
Kristine Jetzke edited comment on SOLR-8408 at 12/14/15 9:58 PM:
-----------------------------------------------------------------
I used 5.3.1 when I reported the problem. I just re-tested it with 5.4.0 (which
was officially released today). It works as expected in 5.4.0 (probably fixed
by this commit:
https://github.com/apache/lucene-solr/commit/ab9e3b9401d642f5022733f37f6935205a66533d#diff-633c0e901e0bcf1bd78cbbdf737eea33).
So this issue can be closed. Bad timing, I guess ;-)
was (Author: tinexw):
I used 5.3.1 when I reported the problem. I just re-tested it with 5.4.0 (which
was officially released today). It works as expected in 5.4.0 (probably fixed
by this commit:
https://github.com/apache/lucene-solr/commit/ab9e3b9401d642f5022733f37f6935205a66533d#diff-633c0e901e0bcf1bd78cbbdf737eea33).
So this issue can be closed. Bad timing, I guess ;-)
> Basic Auth Plugin doesn't require any credentials, doesn't enforce
> authentication
> ---------------------------------------------------------------------------------
>
> Key: SOLR-8408
> URL: https://issues.apache.org/jira/browse/SOLR-8408
> Project: Solr
> Issue Type: Bug
> Reporter: Hoss Man
> Assignee: Noble Paul
> Attachments: SOLR-8408.patch
>
>
> as noted on solr-user by Kristine Jetzke, and trivially to reproduce...
> {noformat}
> # interactively launch solr cloud
> $ bin/solr -e cloud
> # ... for simplicity of test, pick a single node, 1 shard, 1 replica
> # now upload security.json from wiki page...
> # https://cwiki.apache.org/confluence/display/solr/Basic+Authentication+Plugin
> $ server/scripts/cloud-scripts/zkcli.sh -zkhost localhost:9983 -cmd put
> /security.json '{
> "authentication":{
> "class":"solr.BasicAuthPlugin",
> "credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
> },
> "authorization":{
> "class":"solr.RuleBasedAuthorizationPlugin",
> "permissions":[{"name":"security-edit",
> "role":"admin"}],
> "user-role":{"solr":"admin"}
> }}'
> # now stop & restart the single node we are using...
> $ bin/solr stop -all
> $ bin/solr restart -c -p 8983 -s example/cloud/node1/solr
> # valid credentials are accepted...
> $ curl -u 'solr:SolrRocks'
> 'http://localhost:8983/solr/gettingstarted/select?q=*%3A*&wt=json&indent=true'
> {
> "responseHeader":{
> "status":0,
> "QTime":0,
> "params":{
> "q":"*:*",
> "indent":"true",
> "wt":"json"}},
> "response":{"numFound":0,"start":0,"docs":[]
> }}
> # invalid credentials are denied...
> $ curl -u 'solr:SolrBogus'
> 'http://localhost:8983/solr/gettingstarted/select?q=*%3A*&wt=json&indent=true'
>
> <html>
> <head>
> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
> <title>Error 401 Bad credentials</title>
> </head>
> <body><h2>HTTP ERROR 401</h2>
> <p>Problem accessing /solr/gettingstarted/select. Reason:
> <pre> Bad credentials</pre></p><hr><i><small>Powered by
> Jetty://</small></i><hr/>
> </body>
> </html>
> # requests w/o credentials are accepted even though they should be denied...
> $ curl
> 'http://localhost:8983/solr/gettingstarted/select?q=*%3A*&wt=json&indent=true'{
> "responseHeader":{
> "status":0,
> "QTime":0,
> "params":{
> "q":"*:*",
> "indent":"true",
> "wt":"json"}},
> "response":{"numFound":0,"start":0,"docs":[]
> }}
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
