[ https://issues.apache.org/jira/browse/SOLR-12161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16419968#comment-16419968 ]
Erick Erickson commented on SOLR-12161: --------------------------------------- I uploaded a patch I was working on for this, it may be useful [~noble.paul] And of course I'll be happy to help out however I can.... > CloudSolrClient with basic auth enabled will update even if no credentials > supplied > ----------------------------------------------------------------------------------- > > Key: SOLR-12161 > URL: https://issues.apache.org/jira/browse/SOLR-12161 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Components: Authentication > Affects Versions: 7.3 > Reporter: Erick Erickson > Assignee: Noble Paul > Priority: Major > Attachments: AuthUpdateTest.java, tests.patch > > > This is an offshoot of SOLR-9399. When I was writing a test, if I create a > cluster with basic authentication set up, I can _still_ add documents to a > collection even without credentials being set in the request. > However, simple queries, commits etc. all fail without credentials set in the > request. > I'll attach a test class that illustrates the problem. > If I use a new HttpSolrClient instead of a CloudSolrClient, then the update > request fails as expected. > [~noblepaul] do you have any insight here? Possibly something with splitting > up the update request to go to each individual shard? -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org