[ 
https://issues.apache.org/jira/browse/SOLR-12161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16434257#comment-16434257
 ] 

Erick Erickson commented on SOLR-12161:
---------------------------------------

Thanks! I thought I'd see this with a stand-alone program, but just checked and 
that turned out to be wrong so it looks like a test-only issue. Whew!



> CloudSolrClient with basic auth enabled will update even if no credentials 
> supplied
> -----------------------------------------------------------------------------------
>
>                 Key: SOLR-12161
>                 URL: https://issues.apache.org/jira/browse/SOLR-12161
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: Authentication
>    Affects Versions: 7.3
>            Reporter: Erick Erickson
>            Assignee: Noble Paul
>            Priority: Major
>         Attachments: AuthUpdateTest.java, SOLR-12161.patch, tests.patch
>
>
> This is an offshoot of SOLR-9399. When I was writing a test, if I create a 
> cluster with basic authentication set up, I can _still_ add documents to a 
> collection even without credentials being set in the request.
> However, simple queries, commits etc. all fail without credentials set in the 
> request.
> I'll attach a test class that illustrates the problem.
> If I use a new HttpSolrClient instead of a CloudSolrClient, then the update 
> request fails as expected.
> [~noblepaul] do you have any insight here? Possibly something with splitting 
> up the update request to go to each individual shard?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to