Re: Continuing Saga of Authorization on 6.6.0

2018-03-13 Thread Shawn Heisey
On 3/13/2018 12:00 PM, Terry Steichen wrote: > So, Shawn, every time zookeeper gets shut down (intentionally or > otherwise), I have to recreate the credentials and permissions via a set > of API calls?  Is there some way to have it save and read that stuff > from disk? If your ZK ensemble

Re: Continuing Saga of Authorization on 6.6.0

2018-03-13 Thread spoonerk
I wish unsubscribe worked On Mar 13, 2018 9:47 AM, "Terry Steichen" wrote: > I switched solr from standalone to cloud and created the two collections > (emails1 and emails2). > > I was able to create a basic set of credentials via the curl-based > API's. I could create

Re: Continuing Saga of Authorization on 6.6.0

2018-03-13 Thread Terry Steichen
So, Shawn, every time zookeeper gets shut down (intentionally or otherwise), I have to recreate the credentials and permissions via a set of API calls?  Is there some way to have it save and read that stuff from disk? Terry On 03/13/2018 01:51 PM, Shawn Heisey wrote: > On 3/13/2018 11:25 AM,

Re: Continuing Saga of Authorization on 6.6.0

2018-03-13 Thread Chris Ulicny
You can see the security.json file in the admin console if you go to the Cloud tab, and then select Tree. It should be visible there without having to navigate directly into zookeeper. Best, Chris On Tue, Mar 13, 2018 at 1:26 PM Terry Steichen wrote: > Chris, many, many

Re: Continuing Saga of Authorization on 6.6.0

2018-03-13 Thread Shawn Heisey
On 3/13/2018 11:25 AM, Terry Steichen wrote: > What also puzzles me is that I can't find any "security.json" file.  > Clearly, solr is persistently keeping track of the > authentication/authorization information, but I don't see where.  I > suppose it might be kept in zookeeper (which perhaps

Re: Continuing Saga of Authorization on 6.6.0

2018-03-13 Thread Terry Steichen
Chris, many, many thanks.  From a quick check, those changes seem to work.  I think I'm getting too old to differentiate between brackets and curly braces.  I'll get back on track and see if I can (finally) set this up right.  What also puzzles me is that I can't find any "security.json" file. 

Re: Continuing Saga of Authorization on 6.6.0

2018-03-13 Thread Chris Ulicny
> *failed to delete a user:* "delete-user" is expecting an array of users in the json, so the data should be: {"delete-user": ["lanny"]} > *failed to set a permission: * There are separate endpoints for authorization and authentication. You should use ".../solr/admin/authorization" for the

Continuing Saga of Authorization on 6.6.0

2018-03-13 Thread Terry Steichen
I switched solr from standalone to cloud and created the two collections (emails1 and emails2).  I was able to create a basic set of credentials via the curl-based API's.  I could create users, and toggle the blockUnknown property status. However, the system refused to allow me to delete a user,