[jira] [Commented] (SOLR-8440) Script support for enabling basic auth

Tue, 09 May 2017 02:24:20 -0700 

    [ 
https://issues.apache.org/jira/browse/SOLR-8440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16002357#comment-16002357
 ] 

Jan Høydahl commented on SOLR-8440:
-----------------------------------

bq. The bin/solr script has no notion of SOLR_VAR_DIR
I know. The script only knows about SOLR_TIP, SOLR_HOME, SOLR_PID_DIR etc. 

{{SOLR_PID_DIR}} will default to {{$SOLR_TIP/bin}}, but if custom SOLR_HOME is 
set, then SOLR_PID_DIR will be equal to SOLR_HOME, unless SOLR_PID_DIR is set 
explicitly, as it is by the installer...

If we chose SOLR_PID_DIR as location for {{basicAuth.conf}} then
* In a default unzipp'ed install, it will end up in bin/ next to start script
* In the default linux installer setup it will end up in {{/var/solr/}}
* In a custom install it will end up next to PID file which is probably in 
SOLR_HOME.

So perhaps simply {{SOLR_HOME}} is as good location as anything, where also 
{{solr.xml}}, {{zoo.cfg}}, and {{security.json}} for non-cloud already are? You 
decide...

> Script support for enabling basic auth
> --------------------------------------
>
>                 Key: SOLR-8440
>                 URL: https://issues.apache.org/jira/browse/SOLR-8440
>             Project: Solr
>          Issue Type: New Feature
>          Components: scripts and tools
>            Reporter: Jan Høydahl
>            Assignee: Ishan Chattopadhyaya
>              Labels: authentication, security
>             Fix For: 6.6, master (7.0)
>
>         Attachments: SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch, 
> SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch, 
> SOLR-8440.patch
>
>
> Now that BasicAuthPlugin will be able to work without an AuthorizationPlugin 
> (SOLR-8429), it would be sweet to provide a super simple way to "Password 
> protect Solr"™ right from the command line:
> {noformat}
> bin/solr basicAuth -adduser -user solr -pass SolrRocks
> {noformat}
> It would take the mystery out of enabling one single password across the 
> board. The command would do something like this
> # Check if HTTPS is enabled, and if not, print a friendly warning
> # Check if {{/security.json}} already exists
> ## NO => create one with only plugin class defined
> ## YES => Abort if exists but plugin is not {{BasicAuthPlugin}}
> # Using security REST API, add the new user



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to