Ivo Janssen created SOLR-17542:
----------------------------------

             Summary: AccessControlException when attempting to post document
                 Key: SOLR-17542
                 URL: https://issues.apache.org/jira/browse/SOLR-17542
             Project: Solr
          Issue Type: Bug
      Security Level: Public (Default Security Level. Issues are Public)
          Components: contrib - Solr Cell (Tika extraction), security
    Affects Versions: 9.7
         Environment: * Solr 9.7
 * MacOS 15.0.1
 * M1 Max CPU
 * 64GB RAM
            Reporter: Ivo Janssen


I'm using Solr 9.7 on MacOS 15.0.1, with Cell enabled, and it returns a 500 
error when I try to add a document. The error on Solr's side is as follows:

{noformat}
2024-10-18 00:49:03.350 INFO  (qtp1955990522-40-localhost-1) [c: s: r: x:test_docstore t:localhost-1] o.a.s.c.PluginBag Going to create a new requestHandler with {type = requestHandler,name = /update/extract,class = solr.extraction.ExtractingRequestHandler,attributes = {startup=lazy, name=/update/extract, class=solr.extraction.ExtractingRequestHandler},args = {defaults={fmap.Last-Modified=last_modified, uprefix=ignored_, df=_text_}}}
2024-10-18 00:49:03.653 ERROR (qtp1955990522-40-localhost-1) [c: s: r: x:test_docstore t:localhost-1] o.a.s.s.HttpSolrCall 500 Exception => java.lang.IllegalStateException: java.security.AccessControlException: access denied ("java.io.FilePermission" "/private/var/folders/8y/0166d0yx0wd7lxycs42l6t9c0000gs/T/jetty-127_0_0_1-8983-webapp-_solr-any-16097010865664396603" "read")
at org.eclipse.jetty.server.MultiPartFormInputStream.throwIfError(MultiPartFormInputStream.java:526)
java.lang.IllegalStateException: java.security.AccessControlException: access denied ("java.io.FilePermission" "/private/var/folders/8y/0166d0yx0wd7lxycs42l6t9c0000gs/T/jetty-127_0_0_1-8983-webapp-_solr-any-16097010865664396603" "read")
at org.eclipse.jetty.server.MultiPartFormInputStream.throwIfError(MultiPartFormInputStream.java:526) ~[jetty-server-10.0.22.jar:10.0.22]
at org.eclipse.jetty.server.MultiPartFormInputStream.getParts(MultiPartFormInputStream.java:491) ~[jetty-server-10.0.22.jar:10.0.22]
at org.eclipse.jetty.server.MultiParts$MultiPartsHttpParser.getParts(MultiParts.java:90) ~[jetty-server-10.0.22.jar:10.0.22]
at org.eclipse.jetty.server.Request.getParts(Request.java:2354) ~[jetty-server-10.0.22.jar:10.0.22]
at org.eclipse.jetty.server.Request.getParts(Request.java:2328) ~[jetty-server-10.0.22.jar:10.0.22]
at javax.servlet.http.HttpServletRequestWrapper.getParts(HttpServletRequestWrapper.java:317) ~[jetty-servlet-api-4.0.6.jar:?]
at org.apache.solr.servlet.SolrRequestParsers$MultipartRequestParser.parseParamsAndFillStreams(SolrRequestParsers.java:649) ~[?:?]
at org.apache.solr.servlet.SolrRequestParsers$StandardRequestParser.parseParamsAndFillStreams(SolrRequestParsers.java:893) ~[?:?]
at org.apache.solr.servlet.SolrRequestParsers.parse(SolrRequestParsers.java:169) ~[?:?]
at org.apache.solr.servlet.HttpSolrCall.init(HttpSolrCall.java:313) ~[?:?]
at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:524) ~[?:?]
at org.apache.solr.servlet.SolrDispatchFilter.dispatch(SolrDispatchFilter.java:251) ~[?:?]
at org.apache.solr.servlet.SolrDispatchFilter.lambda$doFilter$0(SolrDispatchFilter.java:208) ~[?:?]
at org.apache.solr.servlet.ServletUtils.traceHttpRequestExecution2(ServletUtils.java:243) ~[?:?]
at org.apache.solr.servlet.ServletUtils.rateLimitRequest(ServletUtils.java:213) ~[?:?]
{noformat}

I've confirmed that this is related to the security policy, since I'm able to 
work around it by running Solr with `-Djava.security.manager=allow`, but 
looking at the policy nothing jumps out at me for being wrong or missing.

[Link to discussion on the mailing 
list|https://lists.apache.org/thread/8grxnpnxtyb2c1wb4j4vpl88vktzfy13] 
(disregard my attempted fix in that thread - it was incorrect)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
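
A triage helper for the failure in this report, added here as an example and not code from the reporter or the Solr project: it pulls each Security Manager denial out of a Solr log, tolerating mail-style line wrapping, and reports the permission class, target, actions and first stack frame. The sample log is constructed, with a placeholder temp-directory name, and the function name is hypothetical.

```python
import re

# Constructed sample: same shape as the log in the report, wrapped the way the
# mail wrapped it; the temp-directory name is a shortened placeholder.
SAMPLE_LOG = """\
2024-10-18 00:49:03.653 ERROR (qtp-40) [x:test_docstore] o.a.s.s.HttpSolrCall 500 Exception =>
java.lang.IllegalStateException: java.security.AccessControlException: access
denied ("java.io.FilePermission"
"/private/var/folders/xx/T/jetty-PLACEHOLDER"
 "read")
at
org.eclipse.jetty.server.MultiPartFormInputStream.throwIfError(MultiPartFormInputStream.java:526)
java.lang.IllegalStateException: java.security.AccessControlException: access
denied ("java.io.FilePermission"
"/private/var/folders/xx/T/jetty-PLACEHOLDER"
 "read")
at
org.eclipse.jetty.server.MultiPartFormInputStream.throwIfError(MultiPartFormInputStream.java:526)
 ~[jetty-server-10.0.22.jar:10.0.22]
"""

# Message format of java.security.AccessControlException:
#   access denied ("<permission class>" "<target>" "<actions>")   (actions optional)
DENIAL = re.compile(r'access denied \("([^"]+)" "([^"]+)"(?: "([^"]+)")?\)')
FRAME = re.compile(r'\bat ([\w.$]+)\(')


def denied_permissions(log_text):
    """Return unique denials in first-seen order with a count and the first frame."""
    flat = re.sub(r'\s+', ' ', log_text)  # undo line wrapping inside messages
    seen = {}
    for m in DENIAL.finditer(flat):
        key = (m.group(1), m.group(2), m.group(3) or '')
        frame = FRAME.search(flat, m.end())  # first "at ..." after this denial
        entry = seen.setdefault(key, {
            'permission': key[0], 'target': key[1], 'actions': key[2],
            'count': 0, 'first_frame': frame.group(1) if frame else None,
        })
        entry['count'] += 1  # log4j prints the exception twice for one event
    return list(seen.values())


if __name__ == '__main__':
    for d in denied_permissions(SAMPLE_LOG):
        print(f"{d['count']}x {d['permission']} {d['actions'] or '-'} {d['target']}")
        print(f"    first frame: {d['first_frame']}")
```

Each unique tuple it reports is one permission to look for in the active policy file.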
