[ 
https://issues.apache.org/jira/browse/SOLR-11959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16364672#comment-16364672
 ] 

Amrit Sarkar commented on SOLR-11959:
-------------------------------------

I figured and faced the same issue and obviously we need to improve CDCR to 
support Basic Authentication and Authorization across clusters.

Design model I see it happening: please checkout: SOLR-8389, we are introducing 
cdcr.json (cdcr configuration) in the zookeeper unlike solrconfig.xml. Is 
providing *username:password* as a property value for each target configuration 
in cdcr.json will be safe way to do this? As we can direct to multiple clusters 
and multiple collections, the basic auth property will be target specific.

Looking forward to feedback and recommendations, I can start with this once we 
agree on design.

> CDCR unauthorized to replicate to a target collection that is update 
> protected in security.json
> -----------------------------------------------------------------------------------------------
>
>                 Key: SOLR-11959
>                 URL: https://issues.apache.org/jira/browse/SOLR-11959
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: CDCR, SolrCloud
>    Affects Versions: 7.2
>            Reporter: Donny Andrews
>            Priority: Major
>
> Steps to reproduce: 
>  # Create a source and a target collection in their respective clusters. 
>  # Update security.json to require a non-admin role to read and write. 
>  # Index to source collection 
> Expected: 
> The target collection should receive the update
> Actual:
> {code:java}
> org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error 
> from server at http://redacted/solr/redacted: Expected mime type 
> application/octet-stream but got text/html. <html>
>  <head>
>  <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
>  <title>Error 401 Unauthorized request, Response code: 401</title>
>  </head>
>  <body><h2>HTTP ERROR 401</h2>
>  <p>Problem accessing /solr/redacted/update. Reason:
>  <pre> Unauthorized request, Response code: 401</pre></p>
>  </body>
>  </html>at 
> org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:607)
>  at 
> org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:255)
>  at 
> org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:244)
>  at 
> org.apache.solr.client.solrj.impl.LBHttpSolrClient.doRequest(LBHttpSolrClient.java:483)
>  at 
> org.apache.solr.client.solrj.impl.LBHttpSolrClient.request(LBHttpSolrClient.java:413)
>  at 
> org.apache.solr.client.solrj.impl.CloudSolrClient.sendRequest(CloudSolrClient.java:1103)
>  at 
> org.apache.solr.client.solrj.impl.CloudSolrClient.requestWithRetryOnStaleState(CloudSolrClient.java:883)
>  at 
> org.apache.solr.client.solrj.impl.CloudSolrClient.request(CloudSolrClient.java:816)
>  at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:194)
>  at org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:211)
>  at 
> org.apache.solr.handler.CdcrReplicator.sendRequest(CdcrReplicator.java:140)
>  at org.apache.solr.handler.CdcrReplicator.run(CdcrReplicator.java:104)
>  at 
> org.apache.solr.handler.CdcrReplicatorScheduler.lambda$null$0(CdcrReplicatorScheduler.java:81)
>  at 
> org.apache.solr.common.util.ExecutorUtil$MDCAwareThreadPoolExecutor.lambda$execute$0(ExecutorUtil.java:188)
>  at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>  at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>  at java.lang.Thread.run(Thread.java:748){code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to