[
https://issues.apache.org/jira/browse/SOLR-8440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16002449#comment-16002449
]
Jan Høydahl edited comment on SOLR-8440 at 5/9/17 10:57 AM:
------------------------------------------------------------
Running {{solr auth -enable}} without starting Solr throws a stack trace
instead of printing usage. Do we need to hit localhost HTTP before validating
program args?
{noformat}
Exception in thread "main" org.apache.http.conn.HttpHostConnectException:
Connect to localhost:80 [localhost/127.0.0.1] failed: Connection refused
(Connection refused)
at
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:151)
{noformat}
If you move the [{{getZkHost(cli)}}
check|https://github.com/apache/lucene-solr/blob/c9541c216d57ff816d64beef566990d8754008db/solr/core/src/java/org/apache/solr/util/SolrCLI.java#L3586]
to after the credentials check, then it's a bit better.
Also, can we add an option {{zkHost}} to the auth options, so that it is
possible to specify {{-zkHost localhost:2181}} and enable auth *without a
running Solr*? This is nice for scripting installers.
was (Author: janhoy):
Running {{solr auth -enable}} without starting Solr throws a stack trace
instead of printing usage. Do we need to hit localhost HTTP before validating
program args?
{noformat}
Exception in thread "main" org.apache.http.conn.HttpHostConnectException:
Connect to localhost:80 [localhost/127.0.0.1] failed: Connection refused
(Connection refused)
at
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:151)
{noformat}
> Script support for enabling basic auth
> --------------------------------------
>
> Key: SOLR-8440
> URL: https://issues.apache.org/jira/browse/SOLR-8440
> Project: Solr
> Issue Type: New Feature
> Components: scripts and tools
> Reporter: Jan Høydahl
> Assignee: Ishan Chattopadhyaya
> Labels: authentication, security
> Fix For: 6.6, master (7.0)
>
> Attachments: SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch,
> SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch,
> SOLR-8440.patch
>
>
> Now that BasicAuthPlugin will be able to work without an AuthorizationPlugin
> (SOLR-8429), it would be sweet to provide a super simple way to "Password
> protect Solr"™ right from the command line:
> {noformat}
> bin/solr basicAuth -adduser -user solr -pass SolrRocks
> {noformat}
> It would take the mystery out of enabling one single password across the
> board. The command would do something like this
> # Check if HTTPS is enabled, and if not, print a friendly warning
> # Check if {{/security.json}} already exists
> ## NO => create one with only plugin class defined
> ## YES => Abort if exists but plugin is not {{BasicAuthPlugin}}
> # Using security REST API, add the new user
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
