[jira] [Commented] (SOLR-8440) Script support for enabling basic auth

Tue, 09 May 2017 12:23:42 -0700 

    [ 
https://issues.apache.org/jira/browse/SOLR-8440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16003359#comment-16003359
 ] 

Ishan Chattopadhyaya commented on SOLR-8440:
--------------------------------------------

bq. So perhaps simply SOLR_HOME is as good location as anything, where also 
solr.xml, zoo.cfg, and security.json for non-cloud already are

It seems that SOLR_HOME is only applicable in the context of a start command, 
where the home directory is specifically provided by the user. However, for a 
running Solr instance, it should be possible to query it to know which home 
directory it started with. But, I'm not sure how to get at the home directory 
(or what a home directory even means) for a not-yet-started Solr instance 
(assuming that your motivation behind suggesting a -zkUrl was that a 
not-yet-started instance could also leverage -enable). Any ideas, [~janhoy]?

> Script support for enabling basic auth
> --------------------------------------
>
>                 Key: SOLR-8440
>                 URL: https://issues.apache.org/jira/browse/SOLR-8440
>             Project: Solr
>          Issue Type: New Feature
>          Components: scripts and tools
>            Reporter: Jan Høydahl
>            Assignee: Ishan Chattopadhyaya
>              Labels: authentication, security
>             Fix For: 6.6, master (7.0)
>
>         Attachments: SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch, 
> SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch, 
> SOLR-8440.patch
>
>
> Now that BasicAuthPlugin will be able to work without an AuthorizationPlugin 
> (SOLR-8429), it would be sweet to provide a super simple way to "Password 
> protect Solr"™ right from the command line:
> {noformat}
> bin/solr basicAuth -adduser -user solr -pass SolrRocks
> {noformat}
> It would take the mystery out of enabling one single password across the 
> board. The command would do something like this
> # Check if HTTPS is enabled, and if not, print a friendly warning
> # Check if {{/security.json}} already exists
> ## NO => create one with only plugin class defined
> ## YES => Abort if exists but plugin is not {{BasicAuthPlugin}}
> # Using security REST API, add the new user



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to