I'm running, solr -version 8.6.3
on uname -rm 5.8.13-200.fc32.x86_64 x86_64 grep _NAME /etc/os-release PRETTY_NAME="Fedora 32 (Server Edition)" CPE_NAME="cpe:/o:fedoraproject:fedora:32" with java -version openjdk version "15" 2020-09-15 OpenJDK Runtime Environment 20.9 (build 15+36) OpenJDK 64-Bit Server VM 20.9 (build 15+36, mixed mode, sharing) solr's configured for SSL usage. both client search connections and WebUI access work OK, with EC certs in use SOLR_SSL_KEY_STORE="/srv/ssl/solr.server.EC.pfx" SOLR_SSL_TRUST_STORE="/srv/ssl/solr.server.EC.pfx" If I enable BasicAuth, adding /security.json { "authentication":{ "blockUnknown": true, "class":"solr.BasicAuthPlugin", "credentials":{ "myuser":"jO... Fe..." }, "realm":"Solr REALM", "forwardCredentials": false }, "authorization":{ "class":"solr.RuleBasedAuthorizationPlugin", "permissions":[{ "name":"security-edit", "role":"admin" }], "user-role":{ "solr":"admin" } } } as expected, WebUI requires/accepts valid credentials for access. BUT ... client connections, e.g. from a mail MUA using dovecot's fts solr plugin, immediately fail, returning "401 Unauthorized". How can solr authentication be configured to split method -- using BasicAuth for WebUI access ONLY, and still allowing the client connections? Eventually, I want those client connections to require solr-side SSL client auth. Atm, I'd just like to get it working -- _with_ the BasicAuth WebUI protection in place.