[
https://issues.apache.org/jira/browse/SOLR-16327?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17578689#comment-17578689
]
Shawn Heisey edited comment on SOLR-16327 at 8/11/22 9:33 PM:
--------------------------------------------------------------
OK, I have minimal steps to reproduce and 9.1.0-SNAPSHOT does the same thing in
cloud mode or standalone mode.
Create a collection/core with the solrconfig.xml and managed-schema.xml files I
included in earlier comments. There must also be empty protwords.txt and
synonyms.txt files in the config. For simplicity in cloud mode, make it a 1
shard 1 replica collection. A valid solr.xml file must also exist.
The Ping handler definition includes a healthcheck config, and the healthcheck
file will not exist on a newly built core. Go ahead and leave it disabled.
Go to the admin UI and select the core from the dropdown. Click Ping. It will
show the permission error.
On 8.11.1 clicking Ping will show information about the actual error, not a
permission error. I did not try 8.11.1 in cloud mode, but I imagine it will
work.
For all these tests, I did not have a security.json configured.
was (Author: elyograg):
OK, I have minimal steps to reproduce and 9.1.0-SNAPSHOT does the same thing in
cloud mode or standalone mode.
Create a collection/core with the solrconfig.xml and managed-schema.xml files I
included in earlier comments. There must also be empty protwords.txt and
synonyms.txt files in the config. For simplicity in cloud mode, make it a 1
shard 1 replica collection.
The Ping handler definition includes a healthcheck config, and the healthcheck
file will not exist on a newly built core. Go ahead and leave it disabled.
Go to the admin UI and select the core from the dropdown. Click Ping. It will
show the permission error.
On 8.11.1 clicking Ping will show information about the actual error, not a
permission error. I did not try 8.11.1 in cloud mode, but I imagine it will
work.
For all these tests, I did not have a security.json configured.
> Admin UI reports permission error if the request it made results in ANY
> exception
> ---------------------------------------------------------------------------------
>
> Key: SOLR-16327
> URL: https://issues.apache.org/jira/browse/SOLR-16327
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Admin UI
> Affects Versions: main (10.0)
> Reporter: Shawn Heisey
> Priority: Minor
> Attachments: image-2022-08-06-15-36-24-158.png, screenshot-1.png,
> solr9_ping_exception.txt
>
>
> A lot of the pages in the UI report permission errors even when the actual
> problem is some other exception. For this screenshot, I clicked first on the
> Overview, and then on Ping ... there was a misconfig in the ping handler
> where it was not declaring a default field, so the query generated an
> exception which is attached to the issue. I did not have a security.json
> file.
> !image-2022-08-06-15-36-24-158.png|width=389,height=182!
> I also saw this on other things besides Ping when I was clicking around the
> admin UI during a solr service restart. The version info showing where the
> git repo was when I compiled from branch_9x:
> 9.1.0-SNAPSHOT f1510b1f54ea9225df654e3aad0ca7da856c1f72 [snapshot build,
> details omitted]
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
