[
https://issues.apache.org/jira/browse/SOLR-8440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16003623#comment-16003623
]
Jan Høydahl commented on SOLR-8440:
-----------------------------------
bq. But, I'm not sure how to get at the home directory
The bin/solr script already resolves the SOLR_HOME variable but as you say,
only for "start" command. Guess we have to move the SOLR_HOME resolution lines
higher up in the script
{code}
if [ -z "$SOLR_HOME" ]; then
SOLR_HOME="$SOLR_SERVER_DIR/solr"
else
if [[ $SOLR_HOME != /* ]] && [[ -d "$SOLR_SERVER_DIR/$SOLR_HOME" ]]; then
SOLR_HOME="$SOLR_SERVER_DIR/$SOLR_HOME"
SOLR_PID_DIR="$SOLR_HOME"
elif [[ $SOLR_HOME != /* ]] && [[ -d "`pwd`/$SOLR_HOME" ]]; then
SOLR_HOME="$(pwd)/$SOLR_HOME"
fi
fi
{code}
It should then work for both cold and running Solr. If SOLR_HOME is given in
ENV or solr.in.sh it will be used, else it will be resolved to server/solr. No
need to ask the running Solr where its home dir is, the bin/solr script already
knows (unless an instance was started one-off with {{-s <dir>}} on the command
line. However, let's assume in the first version that SOLR_HOME is either the
default or is specified in env or solr.in.sh. So to configure auth for another
instance, it could look like
{noformat}
bin/solr auth -enable .... -s /path/to/solrhome -zkHost localhost:2181 #
Explicitly point out both home and zk
SOLR_INCLUDE=/path/to/our/instance/solr.in.sh && bin/solr auth -enable ... #
Pull both SOLR_HOME and ZK_HOST from solr.in
{noformat}
In a later version we could of course also support
{noformat}
bin/solr auth -enable .... -p 8984 # Lookup what home and zk the running solr
is using
bin/solr auth -enable .... -i /path/to/solr.in.sh # Explicitly point to
solr.in.sh instead of setting SOLR_INCLUDE
{noformat}
Another benefit of always knowing where SOLR_HOME is, is that SOLR-10645 will
know where to put security.json too :)
> Script support for enabling basic auth
> --------------------------------------
>
> Key: SOLR-8440
> URL: https://issues.apache.org/jira/browse/SOLR-8440
> Project: Solr
> Issue Type: New Feature
> Components: scripts and tools
> Reporter: Jan Høydahl
> Assignee: Ishan Chattopadhyaya
> Labels: authentication, security
> Fix For: 6.6, master (7.0)
>
> Attachments: SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch,
> SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch, SOLR-8440.patch,
> SOLR-8440.patch
>
>
> Now that BasicAuthPlugin will be able to work without an AuthorizationPlugin
> (SOLR-8429), it would be sweet to provide a super simple way to "Password
> protect Solr"™ right from the command line:
> {noformat}
> bin/solr basicAuth -adduser -user solr -pass SolrRocks
> {noformat}
> It would take the mystery out of enabling one single password across the
> board. The command would do something like this
> # Check if HTTPS is enabled, and if not, print a friendly warning
> # Check if {{/security.json}} already exists
> ## NO => create one with only plugin class defined
> ## YES => Abort if exists but plugin is not {{BasicAuthPlugin}}
> # Using security REST API, add the new user
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
