Re: Operation backup caused exception : AccessDeniedException

[Salmaan Rashid Syed]

hread.QueuedThreadPool$2.run(QueuedThreadPool.java:680)
at java.base/java.lang.Thread.run(Thread.java:834)


I was reading the documentation for Backup and restore of solr. The
location should be a shared drive for the backup. Can I not store it on my
hard drive?.

But, when I tried downloading the backup to my drive on computer, it worked
fine previously. But, now it refuses to download the solr backup file to my
hard drive.

The only change that the Solr underwent from the previous time is that I
have enabled authentication on it.

Is authentication causing all these problems?.

Thanks for your help.

Regards,
Salmaan



On Tue, Jan 28, 2020 at 8:15 AM Shawn Heisey  wrote:

> On 1/27/2020 6:57 PM, Salmaan Rashid Syed wrote:
> > I have Solr 7.6 and it is installed in an AWS ec2 (Ubuntu machine)
> > instance. I am new to AWS. Devops team has configured it for me.
>
> When I check out the source for Solr 7.6, it intersects perfectly with
> the line numbers in the stacktrace that you provided.
>
> > One thing I constantly notice while executing commands in ec2 instance is
> > that, it keeps denying command execution until I specifically insert
> "sudo"
> > at the beginning.
> >
> > For example mkdir command also needs sudo at the beginning of the command
> > etc.
>
> If the parent directory is owned by root and Solr is running as a
> regular user, then Solr will most likely not have permission to create
> the desired directory.  In that situation, the owner will need to be
> changed so that the user running Solr does have permission.
>
> If Solr has been installed as a service by the service installer
> included in the download, then it is extremely likely that it will not
> be running as root, and the default username that the installer uses is
> solr.
>
> Thanks,
> Shawn
>

Re: Operation backup caused exception : AccessDeniedException

[Salmaan Rashid Syed]

Hi Shawn,

Thanks for the reply. Apologies for the missing information.

I have Solr 7.6 and it is installed in an AWS ec2 (Ubuntu machine)
instance. I am new to AWS. Devops team has configured it for me.

One thing I constantly notice while executing commands in ec2 instance is
that, it keeps denying command execution until I specifically insert "sudo"
at the beginning.

For example mkdir command also needs sudo at the beginning of the command
etc.

Does this also cause AccessDeniedException or am I missing something in my
curl command?

Do I need to ask devops to remove the user restrictions in AWS, though I am
not sure if there are any?

Thanks in advance.

Regards,
Salmaan





On Mon 27 Jan, 2020, 10:47 PM Shawn Heisey,  wrote:

> On 1/27/2020 1:58 AM, Salmaan Rashid Syed wrote:
> > Collection: PANNA operation: backup
> > failed:java.nio.file.AccessDeniedException:
> > /opt/solr_Backup/solr-data-backup-27-01-2020/panna_backup
>
> 
>
> > at java.base/java.nio.file.Files.createDirectory(Files.java:689)
>
> While trying to create a directory, Java found that it did not have
> permission to do so.  Looking at the code involved in the stacktrace,
> the problem is either that the user running Solr does not have
> permission to create a directory in
> /opt/solr_Backup/solr-data-backup-27-01-2020 or that
> /opt/solr_Backup/solr-data-backup-27-01-2020 does not exist.
>
> You haven't told us which precise version of Solr you have, so although
> I am fairly confident that I've got the correct diagnosis, I can't be
> 100 percent sure.
>
> Thanks,
> Shawn
>

Operation backup caused exception : AccessDeniedException

[Salmaan Rashid Syed]

*Hi Solr Users,*

*I was trying to backup Solr collection using the following command. *

curl --user 'solr-admin:' "
http://localhost:8983/solr/admin/collections?action=BACKUP=panna_backup=PANNA=/opt/solr_Backup/solr-data-backup-27-01-2020/
"

*I am getting the following error message. Can anyone please help? *

Operation backup caused
exception:":"java.nio.file.AccessDeniedException:java.nio.file.AccessDeniedException:
/opt/solr_Backup/solr-data-backup-27-01-2020/panna_backup"


"exception":{

"msg":"/opt/solr_Backup/solr-data-backup-27-01-2020/panna_backup",

"rspCode":-1},

  "error":{

"metadata":[

  "error-class","org.apache.solr.common.SolrException",

  "root-error-class","org.apache.solr.common.SolrException"],

"msg":"/opt/solr_Backup/solr-data-backup-27-01-2020/panna_backup",


*The detail logs are as follows,*


Collection: PANNA operation: backup
failed:java.nio.file.AccessDeniedException:
/opt/solr_Backup/solr-data-backup-27-01-2020/panna_backup

at
java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)

at
java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)

at
java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)

at
java.base/sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:385)

at java.base/java.nio.file.Files.createDirectory(Files.java:689)

at
org.apache.solr.core.backup.repository.LocalFileSystemRepository.createDirectory(LocalFileSystemRepository.java:93)

at org.apache.solr.cloud.api.collections.BackupCmd.call(BackupCmd.java:90)

at
org.apache.solr.cloud.api.collections.OverseerCollectionMessageHandler.processMessage(OverseerCollectionMessageHandler.java:259)

at
org.apache.solr.cloud.OverseerTaskProcessor$Runner.run(OverseerTaskProcessor.java:478)

at
org.apache.solr.common.util.ExecutorUtil$MDCAwareThreadPoolExecutor.lambda$execute$0(ExecutorUtil.java:209)

at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)

at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)

at java.base/java.lang.Thread.run(Thread.java:834)



*Thanks and Regards,*

*Salmaan*

Different results due to sharding and problems with interesting terms in MLT

[Salmaan Rashid Syed]

Hi Solr Users,

I have two questions,

1) I am working on Solr 7.6 and I have incorporated MLT feature into it. I
need to allow users to search on emails and skills, so I have allowed few
of the special characters such as [@, ., -, _, +, #, *]. I am not using
stemmer as it is removing letter "s" from many of the useful words like
"AngularJS" to "AngularJ".

Now when I enter a processed text as query into the search bar, I get "."
as the "*most interesting term*" boosted by the highest order usually. I
can't figure out how to remove this from interesting terms without removing
it from the field I am searching in.

2) I have 2 shards per collections on two nodes 8983 and 7574 in cloud
mode. I am getting different results for same query.

I have come to know through reading forums and documentation that this is
happening due to sharding and due to calculation of stats on individual
sharding rather than on entire collection. So I implemented one of the
solutions mentioned in forum/documentations in solrconfig.xml as follows,



It still doesn't works and gives different results for same query. Please
let me know what can be done to avoid these issues.

Regards,
Salmaan

Re: Problems with restricting access to users using Basic auth

[Salmaan Rashid Syed]

Hi Jason,

Apologies for the late reply. My laptop was broken and I got it today from
service centre.

I am still having issues with solr-user able to view the Collections list
as follow.

Testing permissions for user [solr]
Request [/admin/collections?action=LIST] returned status [200]
Request [/collection1/select?q=*:*] returned status [200]
Request [/collection2/select?q=*:*] returned status [200]
Request [/collection3/select?q=*:*] returned status [200]

Testing permissions for user [solr-user]
Request [/admin/collections?action=LIST] returned status [200]
Request [/collection1/select?q=*:*] returned status [200]
Request [/collection2/select?q=*:*] returned status [200]
Request [/collection3/select?q=*:*] returned status [403]

I am still wondering wher I am going wrong.

Thanks,
Salmaan




On Thu, Aug 29, 2019 at 1:34 PM Salmaan Rashid Syed <
salmaan.ras...@mroads.com> wrote:

> Thanks a lot Jason,
>
> I will try this out and let you know.
>
> Thanks again.
>
> On Wed 28 Aug, 2019, 7:45 PM Jason Gerlowski, 
> wrote:
>
>> Hi Salmaan,
>>
>> Are you still seeing this behavior, or were you able to figure things out?
>>
>> I just got a chance to try out the security.json in Solr 7.6 myself,
>> and I can't reproduce the behavior you're seeing.
>>
>> It might be helpful to level set here.  Make sure that our
>> security.json settings and our test requests are exactly the same.
>>
>> This is the security.json I used in my test deployment:
>>
>> {
>>   "authentication":{
>>"blockUnknown": true,
>>"class":"solr.BasicAuthPlugin",
>>"credentials":{
>>  "solr":"gP31s0FQevh3k0i0y6g9AP/TZLWctxfZjtC9sOh8vZU=
>> J7an406gVyx4v4CkR8YLgmhClk9Yv/fIBSfZoi1f0kY=",
>>  "solr-user":"gP31s0FQevh3k0i0y6g9AP/TZLWctxfZjtC9sOh8vZU=
>> J7an406gVyx4v4CkR8YLgmhClk9Yv/fIBSfZoi1f0kY="
>>}
>>   },
>>   "authorization":{
>>"class":"solr.RuleBasedAuthorizationPlugin",
>>"permissions":[
>>   {"name": "dev-read", "collection": ["collection1",
>> "collection2"], "role": ["dev", "admin"] },
>>   {"name": "security-edit", "role": "admin"},
>>   {"name": "security-read", "role": "admin"},
>>   {"name": "schema-edit", "role": "admin"},
>>   {"name": "schema-read", "role": "admin"},
>>   {"name": "config-edit", "role": "admin"},
>>   {"name": "config-read", "role": "admin"},
>>   {"name": "core-admin-edit", "role": "admin"},
>>   {"name": "core-admin-read", "role": "admin"},
>>   {"name": "collection-api-edit", "role": "admin"},
>>   {"name": "collection-api-read", "role": "admin"},
>>   {"name": "read", "role": "admin"},
>>   {"name": "update", "role": "admin"},
>>   {"name": "all", "role": "admin"}
>>],
>>"user-role":{
>>  "solr":"admin",
>>  "solr-user": "dev"
>>}
>>   }
>> }
>>
>> And this is the output of a script I use to test permissions quickly:
>>
>> $ ./test-security.sh
>>
>> Testing permissions for user [solr]
>> Request [/admin/collections?action=LIST] returned status [200]
>> Request [/collection1/select?q=*:*] returned status [200]
>> Request [/collection2/select?q=*:*] returned status [200]
>> Request [/collection3/select?q=*:*] returned status [200]
>>
>> Testing permissions for user [solr-user]
>> Request [/admin/collections?action=LIST] returned status [403]
>> Request [/collection1/select?q=*:*] returned status [200]
>> Request [/collection2/select?q=*:*] returned status [200]
>> Request [/collection3/select?q=*:*] returned status [403]
>>
>> You can find this script here, to see the exact curl commands being
>> used and run it yourself: https://paste.apache.org/tjtdg
>>
>> That output looks correct to me.  solr-user is prevented from
>> acces

Re: Problems with restricting access to users using Basic auth

[Salmaan Rashid Syed]

Thanks a lot Jason,

I will try this out and let you know.

Thanks again.

On Wed 28 Aug, 2019, 7:45 PM Jason Gerlowski,  wrote:

> Hi Salmaan,
>
> Are you still seeing this behavior, or were you able to figure things out?
>
> I just got a chance to try out the security.json in Solr 7.6 myself,
> and I can't reproduce the behavior you're seeing.
>
> It might be helpful to level set here.  Make sure that our
> security.json settings and our test requests are exactly the same.
>
> This is the security.json I used in my test deployment:
>
> {
>   "authentication":{
>"blockUnknown": true,
>"class":"solr.BasicAuthPlugin",
>"credentials":{
>  "solr":"gP31s0FQevh3k0i0y6g9AP/TZLWctxfZjtC9sOh8vZU=
> J7an406gVyx4v4CkR8YLgmhClk9Yv/fIBSfZoi1f0kY=",
>  "solr-user":"gP31s0FQevh3k0i0y6g9AP/TZLWctxfZjtC9sOh8vZU=
> J7an406gVyx4v4CkR8YLgmhClk9Yv/fIBSfZoi1f0kY="
>}
>   },
>   "authorization":{
>"class":"solr.RuleBasedAuthorizationPlugin",
>"permissions":[
>   {"name": "dev-read", "collection": ["collection1",
> "collection2"], "role": ["dev", "admin"] },
>   {"name": "security-edit", "role": "admin"},
>   {"name": "security-read", "role": "admin"},
>   {"name": "schema-edit", "role": "admin"},
>   {"name": "schema-read", "role": "admin"},
>   {"name": "config-edit", "role": "admin"},
>   {"name": "config-read", "role": "admin"},
>   {"name": "core-admin-edit", "role": "admin"},
>   {"name": "core-admin-read", "role": "admin"},
>   {"name": "collection-api-edit", "role": "admin"},
>   {"name": "collection-api-read", "role": "admin"},
>   {"name": "read", "role": "admin"},
>   {"name": "update", "role": "admin"},
>   {"name": "all", "role": "admin"}
>],
>"user-role":{
>  "solr":"admin",
>  "solr-user": "dev"
>}
>   }
> }
>
> And this is the output of a script I use to test permissions quickly:
>
> $ ./test-security.sh
>
> Testing permissions for user [solr]
> Request [/admin/collections?action=LIST] returned status [200]
> Request [/collection1/select?q=*:*] returned status [200]
> Request [/collection2/select?q=*:*] returned status [200]
> Request [/collection3/select?q=*:*] returned status [200]
>
> Testing permissions for user [solr-user]
> Request [/admin/collections?action=LIST] returned status [403]
> Request [/collection1/select?q=*:*] returned status [200]
> Request [/collection2/select?q=*:*] returned status [200]
> Request [/collection3/select?q=*:*] returned status [403]
>
> You can find this script here, to see the exact curl commands being
> used and run it yourself: https://paste.apache.org/tjtdg
>
> That output looks correct to me.  solr-user is prevented from
> accessing other APIs and other collections, but can access collection1
> and collection2.
>
> Does your security.json match mine, or do the permissions differ in
> some way?  Can you still reproduce the behavior using my script?
>
> Good luck,
>
> Jason
>
> On Thu, Aug 22, 2019 at 2:13 AM Salmaan Rashid Syed
>  wrote:
> >
> > Hi,
> >
> > Any suggestions as to what can be done?
> >
> > Regards,
> > Salmaan
> >
> >
> > On Wed, Aug 21, 2019 at 4:33 PM Jason Gerlowski 
> > wrote:
> >
> > > Ah, ok.  SOLR-13355 still affects 7.6, so that explains why you're
> > > seeing this behavior.
> > >
> > > You could upgrade to get the new behavior, but you don't need to-
> > > there's a workaround.  You just need to add a few extra rules to your
> > > security.json.  The problem in SOLR-13355 is that the "all" permission
> > > isn't being considered for APIs that are covered by other predefined
> > > permissions.  So the workaround is to add a permission rule for each
> > > of the predefined permissions, locking them down to the "admin" role.
> > > 

Re: Problems with restricting access to users using Basic auth

[Salmaan Rashid Syed]

Hi,

Any suggestions as to what can be done?

Regards,
Salmaan


On Wed, Aug 21, 2019 at 4:33 PM Jason Gerlowski 
wrote:

> Ah, ok.  SOLR-13355 still affects 7.6, so that explains why you're
> seeing this behavior.
>
> You could upgrade to get the new behavior, but you don't need to-
> there's a workaround.  You just need to add a few extra rules to your
> security.json.  The problem in SOLR-13355 is that the "all" permission
> isn't being considered for APIs that are covered by other predefined
> permissions.  So the workaround is to add a permission rule for each
> of the predefined permissions, locking them down to the "admin" role.
> It really bloats security.json, but should do the job.  So your
> security.json should have a permissions section that looks like the
> JSON below:
>
> {"name": "dev-read", "collection": ["collection1", "collection2"],
> "role": "dev"},
> {"name": "security-edit", "role": "admin"},
> {"name": "security-read", "role": "admin"},
> {"name": "schema-edit", "role": "admin"},
> {"name": "schema-read", "role": "admin"},
> {"name": "config-edit", "role": "admin"},
> {"name": "config-read", "role": "admin"},
> {"name": "core-admin-edit", "role": "admin"},
> {"name": "core-admin-read", "role": "admin"},
> {"name": "collection-api-edit", "role": "admin"},
> {"name": "collection-api-read", "role": "admin"},
> {"name": "read", "role": "admin"},
> {"name": "update", "role": "admin"},
> {"name": "all", "role": "admin"}
>
> Hope that helps.  Let me know if that still has any problems for you.
>
> Jason
>
> On Wed, Aug 21, 2019 at 6:48 AM Salmaan Rashid Syed
>  wrote:
> >
> > Hi Jason,
> >
> > Is there a way to fix this in version 7.6?
> >
> > Or is it mandatory to upgrade to other versions?
> >
> > If I have to upgrade to a higher version, then what is the best way to do
> > this without effecting the current configuration and indexed data?
> >
> > Thanks,
> > Salmaan
> >
> >
> >
> > On Wed, Aug 21, 2019 at 4:13 PM Salmaan Rashid Syed <
> > salmaan.ras...@mroads.com> wrote:
> >
> > > Hi Jason,
> > >
> > > I am using version 7.6 of Solr.
> > >
> > > Thanks,
> > > Salmaan
> > >
> > >
> > >
> > > On Wed, Aug 21, 2019 at 4:12 PM Jason Gerlowski  >
> > > wrote:
> > >
> > >> The "all" permissions _should_ block solr-user from accessing all of
> > >> those resources, and I believe it does in newer versions of Solr.
> > >> There was a bug with it that was fixed a few versions back though- it
> > >> sounds like you might be running into that. (see
> > >> https://issues.apache.org/jira/browse/SOLR-13355) What version of
> Solr
> > >> are you using?
> > >>
> > >> Jason
> > >>
> > >>
> > >>
> > >> On Wed, Aug 21, 2019 at 5:21 AM Salmaan Rashid Syed
> > >>  wrote:
> > >> >
> > >> > Hi Jason,
> > >> >
> > >> > Thanks for your prompt reply.
> > >> >
> > >> > Your code does address few of my concerns like restricting
> *solr-user*
> > >> from
> > >> > accessing the dashboard and from executing other request methods
> apart
> > >> from
> > >> > *"update"* and *"read"*.
> > >> >
> > >> > But I am still able to access other collections such as
> *"Collection3",
> > >> > "Collection4"* and so on, apart from the intended two collection
> > >> entered in
> > >> > the code. I can give *"update"* and *"read" *requests to these
> external
> > >> > Collections which solr-user should not be able to do.
> > >> >
> > >> > Moreover solr-user can look at the
> > >> > *http://localhost:8983/solr/admin/authentication
> > >> > <http://loca

Re: Problems with restricting access to users using Basic auth

[Salmaan Rashid Syed]

Hi Jason,

Unfortunately, the above mentioned workaround does not work for me.

I modified your script a little bit as follow and it still doesn't work.

 {"name": "update", "collection": ["collection1", "collection2"],
"role": "dev"},
 {"name": "read", "collection": ["collection1", "collection2"],
"role": "dev"},
{"name": "security-edit", "role": "admin"},
{"name": "security-read", "role": "admin"},
{"name": "schema-edit", "role": "admin"},
{"name": "schema-read", "role": "admin"},
{"name": "config-edit", "role": "admin"},
{"name": "config-read", "role": "admin"},
{"name": "core-admin-edit", "role": "admin"},
{"name": "core-admin-read", "role": "admin"},
{"name": "collection-api-edit", "role": "admin"},
{"name": "collection-api-read", "role": "admin"},
{"name": "read", "role": "admin"},
{"name": "update", "role": "admin"},

{"name": "all", "role": "admin"}


I can still use "*update"* and "*read"* methods into other collections
using *solr-user *login credentials.

Any help is highly appreciated.

Regards,
Salmaan

On Wed, Aug 21, 2019 at 4:33 PM Jason Gerlowski 
wrote:

> Ah, ok.  SOLR-13355 still affects 7.6, so that explains why you're
> seeing this behavior.
>
> You could upgrade to get the new behavior, but you don't need to-
> there's a workaround.  You just need to add a few extra rules to your
> security.json.  The problem in SOLR-13355 is that the "all" permission
> isn't being considered for APIs that are covered by other predefined
> permissions.  So the workaround is to add a permission rule for each
> of the predefined permissions, locking them down to the "admin" role.
> It really bloats security.json, but should do the job.  So your
> security.json should have a permissions section that looks like the
> JSON below:
>
> {"name": "dev-read", "collection": ["collection1", "collection2"],
> "role": "dev"},
> {"name": "security-edit", "role": "admin"},
> {"name": "security-read", "role": "admin"},
> {"name": "schema-edit", "role": "admin"},
> {"name": "schema-read", "role": "admin"},
> {"name": "config-edit", "role": "admin"},
> {"name": "config-read", "role": "admin"},
> {"name": "core-admin-edit", "role": "admin"},
> {"name": "core-admin-read", "role": "admin"},
> {"name": "collection-api-edit", "role": "admin"},
> {"name": "collection-api-read", "role": "admin"},
> {"name": "read", "role": "admin"},
> {"name": "update", "role": "admin"},
> {"name": "all", "role": "admin"}
>
> Hope that helps.  Let me know if that still has any problems for you.
>
> Jason
>
> On Wed, Aug 21, 2019 at 6:48 AM Salmaan Rashid Syed
>  wrote:
> >
> > Hi Jason,
> >
> > Is there a way to fix this in version 7.6?
> >
> > Or is it mandatory to upgrade to other versions?
> >
> > If I have to upgrade to a higher version, then what is the best way to do
> > this without effecting the current configuration and indexed data?
> >
> > Thanks,
> > Salmaan
> >
> >
> >
> > On Wed, Aug 21, 2019 at 4:13 PM Salmaan Rashid Syed <
> > salmaan.ras...@mroads.com> wrote:
> >
> > > Hi Jason,
> > >
> > > I am using version 7.6 of Solr.
> > >
> > > Thanks,
> > > Salmaan
> > >
> > >
> > >
> > > On Wed, Aug 21, 2019 at 4:12 PM Jason Gerlowski  >
> > > wrote:
> > >
> > >> The "all" permissions _should_ block solr-user from accessing all of
> > >> those resources, and I believe it does in newer versions of Solr.
> &g

Re: Problems with restricting access to users using Basic auth

[Salmaan Rashid Syed]

Hi Jason,

Is there a way to fix this in version 7.6?

Or is it mandatory to upgrade to other versions?

If I have to upgrade to a higher version, then what is the best way to do
this without effecting the current configuration and indexed data?

Thanks,
Salmaan



On Wed, Aug 21, 2019 at 4:13 PM Salmaan Rashid Syed <
salmaan.ras...@mroads.com> wrote:

> Hi Jason,
>
> I am using version 7.6 of Solr.
>
> Thanks,
> Salmaan
>
>
>
> On Wed, Aug 21, 2019 at 4:12 PM Jason Gerlowski 
> wrote:
>
>> The "all" permissions _should_ block solr-user from accessing all of
>> those resources, and I believe it does in newer versions of Solr.
>> There was a bug with it that was fixed a few versions back though- it
>> sounds like you might be running into that. (see
>> https://issues.apache.org/jira/browse/SOLR-13355) What version of Solr
>> are you using?
>>
>> Jason
>>
>>
>>
>> On Wed, Aug 21, 2019 at 5:21 AM Salmaan Rashid Syed
>>  wrote:
>> >
>> > Hi Jason,
>> >
>> > Thanks for your prompt reply.
>> >
>> > Your code does address few of my concerns like restricting *solr-user*
>> from
>> > accessing the dashboard and from executing other request methods apart
>> from
>> > *"update"* and *"read"*.
>> >
>> > But I am still able to access other collections such as *"Collection3",
>> > "Collection4"* and so on, apart from the intended two collection
>> entered in
>> > the code. I can give *"update"* and *"read" *requests to these external
>> > Collections which solr-user should not be able to do.
>> >
>> > Moreover solr-user can look at the
>> > *http://localhost:8983/solr/admin/authentication
>> > <http://localhost:8983/solr/admin/authentication>* link which lists the
>> > users and their *SHA256* coded passwords. How can I hide this and
>> restrict
>> > access to other collections?
>> >
>> > Thanks and regards
>> > Salmaan
>> >
>> >
>> > On Wed, Aug 21, 2019 at 5:07 AM Jason Gerlowski 
>> > wrote:
>> >
>> > > Hi Salmaan,
>> > >
>> > > Solr's RuleBasedAuthorizationPlugin allows requests through if none of
>> > > the specified permissions apply.  I think that's what you're running
>> > > into in your example above.  If you want to lockdown a particular API
>> > > (or set of APIs) then you need to explicitly add a permission that
>> > > restricts those APIs to a particular role.
>> > >
>> > > One way to get the behavior that it sounds like you're looking for
>> > > would be to add a catch-all permission at the bottom of your
>> > > permissions list that restricts all other APIs to "admin".  This would
>> > > look a bit like:
>> > >
>> > >  "permissions":[
>> > > {
>> > > "name":"security-edit",
>> > > "role":"admin"
>> > > },
>> > > {
>> > > "collection": ["Collection1", "Collection2"],
>> > > "name": ["update", "read"],
>> > > "role": "dev"
>> > > },
>> > > {
>> > > "name": "all",
>> > > "role": "admin"
>> > > }
>> > > ]
>> > >
>> > > Hope that helps get you started.
>> > >
>> > > Best,
>> > >
>> > > Jason
>> > >
>> > > On Tue, Aug 20, 2019 at 3:19 AM Salmaan Rashid Syed
>> > >  wrote:
>> > > >
>> > > > Hi Solr Users,
>> > > >
>> > > > I want to create a user that has restricted access to Solr. I did
>> the
>> > > > follwowing:-
>> > > >
>> > > >
>> > > >1. {
>> > > >2. "authentication":{
>> > > >3."blockUnknown": true,
>> > > >4."class":"solr.BasicAuthPlugin",
>> > > >5."credentials":{
>> > > >6. "solr-admin":
>> > > >"2IUJD9dxRhxSXaJGdMP5z8ggSn4I285Ty9GCWeRNMUg=
>> > > > /sSNJJufPtj4baRizoJshJawFsWvopvZSqZpQ/Nwd78="
>> >

Re: Problems with restricting access to users using Basic auth

[Salmaan Rashid Syed]

Hi Jason,

I am using version 7.6 of Solr.

Thanks,
Salmaan



On Wed, Aug 21, 2019 at 4:12 PM Jason Gerlowski 
wrote:

> The "all" permissions _should_ block solr-user from accessing all of
> those resources, and I believe it does in newer versions of Solr.
> There was a bug with it that was fixed a few versions back though- it
> sounds like you might be running into that. (see
> https://issues.apache.org/jira/browse/SOLR-13355) What version of Solr
> are you using?
>
> Jason
>
>
>
> On Wed, Aug 21, 2019 at 5:21 AM Salmaan Rashid Syed
>  wrote:
> >
> > Hi Jason,
> >
> > Thanks for your prompt reply.
> >
> > Your code does address few of my concerns like restricting *solr-user*
> from
> > accessing the dashboard and from executing other request methods apart
> from
> > *"update"* and *"read"*.
> >
> > But I am still able to access other collections such as *"Collection3",
> > "Collection4"* and so on, apart from the intended two collection entered
> in
> > the code. I can give *"update"* and *"read" *requests to these external
> > Collections which solr-user should not be able to do.
> >
> > Moreover solr-user can look at the
> > *http://localhost:8983/solr/admin/authentication
> > <http://localhost:8983/solr/admin/authentication>* link which lists the
> > users and their *SHA256* coded passwords. How can I hide this and
> restrict
> > access to other collections?
> >
> > Thanks and regards
> > Salmaan
> >
> >
> > On Wed, Aug 21, 2019 at 5:07 AM Jason Gerlowski 
> > wrote:
> >
> > > Hi Salmaan,
> > >
> > > Solr's RuleBasedAuthorizationPlugin allows requests through if none of
> > > the specified permissions apply.  I think that's what you're running
> > > into in your example above.  If you want to lockdown a particular API
> > > (or set of APIs) then you need to explicitly add a permission that
> > > restricts those APIs to a particular role.
> > >
> > > One way to get the behavior that it sounds like you're looking for
> > > would be to add a catch-all permission at the bottom of your
> > > permissions list that restricts all other APIs to "admin".  This would
> > > look a bit like:
> > >
> > >  "permissions":[
> > > {
> > >     "name":"security-edit",
> > > "role":"admin"
> > > },
> > > {
> > > "collection": ["Collection1", "Collection2"],
> > > "name": ["update", "read"],
> > > "role": "dev"
> > > },
> > > {
> > > "name": "all",
> > > "role": "admin"
> > > }
> > > ]
> > >
> > > Hope that helps get you started.
> > >
> > > Best,
> > >
> > > Jason
> > >
> > > On Tue, Aug 20, 2019 at 3:19 AM Salmaan Rashid Syed
> > >  wrote:
> > > >
> > > > Hi Solr Users,
> > > >
> > > > I want to create a user that has restricted access to Solr. I did the
> > > > follwowing:-
> > > >
> > > >
> > > >1. {
> > > >2. "authentication":{
> > > >3."blockUnknown": true,
> > > >4."class":"solr.BasicAuthPlugin",
> > > >5."credentials":{
> > > >6. "solr-admin":
> > > >"2IUJD9dxRhxSXaJGdMP5z8ggSn4I285Ty9GCWeRNMUg=
> > > > /sSNJJufPtj4baRizoJshJawFsWvopvZSqZpQ/Nwd78="
> > > >,
> > > >7. "solr-user":
> > > >"p+XwOh15p/rvFltv2LXP1CwtbvwBgGlC9qcDKxV73B4=
> > > > DcNsjfA6Wf16V1XKT+YraosSFQ5Cr3eRUX6BQnx9XKA="
> > > >
> > > >8.  }
> > > >9. },
> > > >10. "authorization":{
> > > >11."class":"solr.RuleBasedAuthorizationPlugin",
> > > >12."user-role":{"solr-admin":"admin", "solr-user":"dev"},
> > > >13."permissions":[
> > > >14.   {
> > > >15."name":"security-edit",
> > > >16."role":"admin"
> > > >17.   },
> > > >18.   {
> > > >19. "collection": ["Collection1", "Collection2"],
> > > >20. "name": ["update", "read"],
> > > >21. "role": "dev"
> > > >22.   }
> > > >23.   ]
> > > >24. }}
> > > >
> > > >
> > > > But when Login intot the Solr admin dash-board using Solr-user
> > > credentials,
> > > > I can read, select, write, update, delete collections and do all
> sorts of
> > > > things like a solr-admin can do.
> > > >
> > > > I want solr-user to be able to access only *Collection1* and
> > > *Collection2*
> > > > and be able to only *update *and *read*. He should not be able to
> access
> > > > other collections and do anything apart from the above mentioned
> role.
> > > >
> > > > Where am I exactly going wrong?
> > > >
> > > > Thanks and Regards,
> > > > Salmaan
> > >
>

Re: Problems with restricting access to users using Basic auth

[Salmaan Rashid Syed]

Hi Jason,

Thanks for your prompt reply.

Your code does address few of my concerns like restricting *solr-user* from
accessing the dashboard and from executing other request methods apart from
*"update"* and *"read"*.

But I am still able to access other collections such as *"Collection3",
"Collection4"* and so on, apart from the intended two collection entered in
the code. I can give *"update"* and *"read" *requests to these external
Collections which solr-user should not be able to do.

Moreover solr-user can look at the
*http://localhost:8983/solr/admin/authentication
<http://localhost:8983/solr/admin/authentication>* link which lists the
users and their *SHA256* coded passwords. How can I hide this and restrict
access to other collections?

Thanks and regards
Salmaan


On Wed, Aug 21, 2019 at 5:07 AM Jason Gerlowski 
wrote:

> Hi Salmaan,
>
> Solr's RuleBasedAuthorizationPlugin allows requests through if none of
> the specified permissions apply.  I think that's what you're running
> into in your example above.  If you want to lockdown a particular API
> (or set of APIs) then you need to explicitly add a permission that
> restricts those APIs to a particular role.
>
> One way to get the behavior that it sounds like you're looking for
> would be to add a catch-all permission at the bottom of your
> permissions list that restricts all other APIs to "admin".  This would
> look a bit like:
>
>  "permissions":[
> {
> "name":"security-edit",
> "role":"admin"
> },
> {
> "collection": ["Collection1", "Collection2"],
> "name": ["update", "read"],
> "role": "dev"
> },
> {
> "name": "all",
> "role": "admin"
> }
> ]
>
> Hope that helps get you started.
>
> Best,
>
> Jason
>
> On Tue, Aug 20, 2019 at 3:19 AM Salmaan Rashid Syed
>  wrote:
> >
> > Hi Solr Users,
> >
> > I want to create a user that has restricted access to Solr. I did the
> > follwowing:-
> >
> >
> >1. {
> >2. "authentication":{
> >3."blockUnknown": true,
> >4."class":"solr.BasicAuthPlugin",
> >5."credentials":{
> >6. "solr-admin":
> >"2IUJD9dxRhxSXaJGdMP5z8ggSn4I285Ty9GCWeRNMUg=
> > /sSNJJufPtj4baRizoJshJawFsWvopvZSqZpQ/Nwd78="
> >,
> >7. "solr-user":
> >"p+XwOh15p/rvFltv2LXP1CwtbvwBgGlC9qcDKxV73B4=
> > DcNsjfA6Wf16V1XKT+YraosSFQ5Cr3eRUX6BQnx9XKA="
> >
> >8.  }
> >9. },
> >10. "authorization":{
> >11."class":"solr.RuleBasedAuthorizationPlugin",
> >12."user-role":{"solr-admin":"admin", "solr-user":"dev"},
> >13."permissions":[
> >14.   {
> >15."name":"security-edit",
> >16."role":"admin"
> >17.   },
> >18.   {
> >19. "collection": ["Collection1", "Collection2"],
> >20. "name": ["update", "read"],
> >21. "role": "dev"
> >22.   }
> >23.   ]
> >24. }}
> >
> >
> > But when Login intot the Solr admin dash-board using Solr-user
> credentials,
> > I can read, select, write, update, delete collections and do all sorts of
> > things like a solr-admin can do.
> >
> > I want solr-user to be able to access only *Collection1* and
> *Collection2*
> > and be able to only *update *and *read*. He should not be able to access
> > other collections and do anything apart from the above mentioned role.
> >
> > Where am I exactly going wrong?
> >
> > Thanks and Regards,
> > Salmaan
>

Problems with restricting access to users using Basic auth

[Salmaan Rashid Syed]

Hi Solr Users,

I want to create a user that has restricted access to Solr. I did the
follwowing:-


   1. {
   2. "authentication":{
   3."blockUnknown": true,
   4."class":"solr.BasicAuthPlugin",
   5."credentials":{
   6. "solr-admin":
   "2IUJD9dxRhxSXaJGdMP5z8ggSn4I285Ty9GCWeRNMUg=
/sSNJJufPtj4baRizoJshJawFsWvopvZSqZpQ/Nwd78="
   ,
   7. "solr-user":
   "p+XwOh15p/rvFltv2LXP1CwtbvwBgGlC9qcDKxV73B4=
DcNsjfA6Wf16V1XKT+YraosSFQ5Cr3eRUX6BQnx9XKA="

   8.  }
   9. },
   10. "authorization":{
   11."class":"solr.RuleBasedAuthorizationPlugin",
   12."user-role":{"solr-admin":"admin", "solr-user":"dev"},
   13."permissions":[
   14.   {
   15."name":"security-edit",
   16."role":"admin"
   17.   },
   18.   {
   19. "collection": ["Collection1", "Collection2"],
   20. "name": ["update", "read"],
   21. "role": "dev"
   22.   }
   23.   ]
   24. }}


But when Login intot the Solr admin dash-board using Solr-user credentials,
I can read, select, write, update, delete collections and do all sorts of
things like a solr-admin can do.

I want solr-user to be able to access only *Collection1* and *Collection2*
and be able to only *update *and *read*. He should not be able to access
other collections and do anything apart from the above mentioned role.

Where am I exactly going wrong?

Thanks and Regards,
Salmaan

Re: Problem with uploading Large synonym files in cloud mode

[Salmaan Rashid Syed]

Hi Bernd,

Yet, another noob question.

Consider that my conf directory for creating a collection is _default. Suppose
now I made changes to managed-schema and conf.xml, How do I upload it to
external zookeeper at 2181 port?

Can you please give me the command that uploads altered config.xml and
managed-schema to zookeeper?

Thanks.


On Fri, Aug 2, 2019 at 11:53 AM Bernd Fehling <
bernd.fehl...@uni-bielefeld.de> wrote:

>
> to 1) yes, because -Djute.maxbuffer is going to JAVA as a start parameter.
>
> to 2) I don't know because i never use internal zookeeper
>
> to 3) the configs are located at solr/server/solr/configsets/
>- choose one configset, make your changes and upload it to zookeeper
>- when creating a new collection choose your uploaded config
>- whenever you change something at your config you have to upload
> it to zookeeper
>
> I don't know which Solr version you are using, but a good starting point
> with solr cloud is
> http://lucene.apache.org/solr/guide/6_6/solrcloud.html
>
> Regards
> Bernd
>
>
>
> Am 02.08.19 um 07:59 schrieb Salmaan Rashid Syed:
> > Hi Bernd,
> >
> > Sorry for noob questions.
> >
> > 1) What do you mean by restart? Do you mean that I shoud issue ./bin/solr
> > stop -all?
> >
> > And then issue these commands,
> >
> > bin/solr restart -cloud -s example/cloud/node1/solr -p 8983
> >
> > bin/solr restart -c -p 7574 -z localhost:9983 -s example/cloud/node2/solr
> >
> >
> > 2) Where can I find solr internal Zookeeper folder for issuing this
> command
> > SERVER_JVMFLAGS="$SERVER_JVMFLAGS -Djute.maxbuffer=1000"?
> >
> >
> > 3) Where can I find schema.xml and config.xmo files for Solr Cloud Cores
> to
> > make changes in schema and configuration? Or do I have to make chages in
> > the directory that contains managed-schema and config.xml files with
> which
> > I initialized and created collections? And then the solr will pick them
> up
> > from there when it restarts?
> >
> >
> > Regards,
> >
> > Salmaan
> >
> >
> >
> > On Thu, Aug 1, 2019 at 5:40 PM Bernd Fehling <
> bernd.fehl...@uni-bielefeld.de>
> > wrote:
> >
> >>
> >>
> >> Am 01.08.19 um 13:57 schrieb Salmaan Rashid Syed:
> >>> After I make the -Djute.maxbuffer changes to Solr, deployed in
> >> production,
> >>> Do I need to restart the solr to be able to add synonyms >1MB?
> >>
> >> Yes, you have to restart Solr.
> >>
> >>
> >>>
> >>> Or, Was this supposed to be done before putting Solr to production
> ever?
> >>> Can we make chages when the Solr is running in production?
> >>
> >> It depends on your system. In my cloud with 5 shards and 3 replicas I
> can
> >> take one by one offline, stop, modify and start again without problems.
> >>
> >>
> >>>
> >>> Thanks.
> >>>
> >>> Regards,
> >>> Salmaan
> >>>
> >>>
> >>>
> >>> On Tue, Jul 30, 2019 at 4:53 PM Bernd Fehling <
> >>> bernd.fehl...@uni-bielefeld.de> wrote:
> >>>
> >>>> You have to increase the -Djute.maxbuffer for large configs.
> >>>>
> >>>> In Solr bin/solr/solr.in.sh use e.g.
> >>>> SOLR_OPTS="$SOLR_OPTS -Djute.maxbuffer=1000"
> >>>> This will increase maxbuffer for zookeeper on solr side to 10MB.
> >>>>
> >>>> In Zookeeper zookeeper/conf/zookeeper-env.sh
> >>>> SERVER_JVMFLAGS="$SERVER_JVMFLAGS -Djute.maxbuffer=1000"
> >>>>
> >>>> I have a >10MB Thesaurus and use 30MB for jute.maxbuffer, works
> perfect.
> >>>>
> >>>> Regards
> >>>>
> >>>>
> >>>> Am 30.07.19 um 13:09 schrieb Salmaan Rashid Syed:
> >>>>> Hi Solr Users,
> >>>>>
> >>>>> I have a very big synonym file (>5MB). I am unable to start Solr in
> >> cloud
> >>>>> mode as it throws an error message stating that the synonmys file is
> >>>>> too large. I figured out that the zookeeper doesn't take a file
> greater
> >>>>> than 1MB size.
> >>>>>
> >>>>> I tried to break down my synonyms file to smaller chunks less than
> 1MB
> >>>>> each. But, I am not sure about how to include all the filenames into
> >> the
> >>>>> Solr schema.
> >>>>>
> >>>>> Should it be seperated by commas like synonyms = "__1_synonyms.txt,
> >>>>> __2_synonyms.txt, __3synonyms.txt"
> >>>>>
> >>>>> Or is there a better way of doing that? Will the bigger file when
> >> broken
> >>>>> down to smaller chunks will be uploaded to zookeeper as well.
> >>>>>
> >>>>> Please help or please guide me to relevant documentation regarding
> >> this.
> >>>>>
> >>>>> Thank you.
> >>>>>
> >>>>> Regards.
> >>>>> Salmaan.
> >>>>>
> >>>>
> >>>
> >>
> >
>

Re: Problem with uploading Large synonym files in cloud mode

[Salmaan Rashid Syed]

Hi Bernd,

Sorry for noob questions.

1) What do you mean by restart? Do you mean that I shoud issue ./bin/solr
stop -all?

And then issue these commands,

bin/solr restart -cloud -s example/cloud/node1/solr -p 8983

bin/solr restart -c -p 7574 -z localhost:9983 -s example/cloud/node2/solr


2) Where can I find solr internal Zookeeper folder for issuing this command
SERVER_JVMFLAGS="$SERVER_JVMFLAGS -Djute.maxbuffer=1000"?


3) Where can I find schema.xml and config.xmo files for Solr Cloud Cores to
make changes in schema and configuration? Or do I have to make chages in
the directory that contains managed-schema and config.xml files with which
I initialized and created collections? And then the solr will pick them up
from there when it restarts?


Regards,

Salmaan



On Thu, Aug 1, 2019 at 5:40 PM Bernd Fehling 
wrote:

>
>
> Am 01.08.19 um 13:57 schrieb Salmaan Rashid Syed:
> > After I make the -Djute.maxbuffer changes to Solr, deployed in
> production,
> > Do I need to restart the solr to be able to add synonyms >1MB?
>
> Yes, you have to restart Solr.
>
>
> >
> > Or, Was this supposed to be done before putting Solr to production ever?
> > Can we make chages when the Solr is running in production?
>
> It depends on your system. In my cloud with 5 shards and 3 replicas I can
> take one by one offline, stop, modify and start again without problems.
>
>
> >
> > Thanks.
> >
> > Regards,
> > Salmaan
> >
> >
> >
> > On Tue, Jul 30, 2019 at 4:53 PM Bernd Fehling <
> > bernd.fehl...@uni-bielefeld.de> wrote:
> >
> >> You have to increase the -Djute.maxbuffer for large configs.
> >>
> >> In Solr bin/solr/solr.in.sh use e.g.
> >> SOLR_OPTS="$SOLR_OPTS -Djute.maxbuffer=1000"
> >> This will increase maxbuffer for zookeeper on solr side to 10MB.
> >>
> >> In Zookeeper zookeeper/conf/zookeeper-env.sh
> >> SERVER_JVMFLAGS="$SERVER_JVMFLAGS -Djute.maxbuffer=1000"
> >>
> >> I have a >10MB Thesaurus and use 30MB for jute.maxbuffer, works perfect.
> >>
> >> Regards
> >>
> >>
> >> Am 30.07.19 um 13:09 schrieb Salmaan Rashid Syed:
> >>> Hi Solr Users,
> >>>
> >>> I have a very big synonym file (>5MB). I am unable to start Solr in
> cloud
> >>> mode as it throws an error message stating that the synonmys file is
> >>> too large. I figured out that the zookeeper doesn't take a file greater
> >>> than 1MB size.
> >>>
> >>> I tried to break down my synonyms file to smaller chunks less than 1MB
> >>> each. But, I am not sure about how to include all the filenames into
> the
> >>> Solr schema.
> >>>
> >>> Should it be seperated by commas like synonyms = "__1_synonyms.txt,
> >>> __2_synonyms.txt, __3synonyms.txt"
> >>>
> >>> Or is there a better way of doing that? Will the bigger file when
> broken
> >>> down to smaller chunks will be uploaded to zookeeper as well.
> >>>
> >>> Please help or please guide me to relevant documentation regarding
> this.
> >>>
> >>> Thank you.
> >>>
> >>> Regards.
> >>> Salmaan.
> >>>
> >>
> >
>

Re: Basic Authentication problem

[Salmaan Rashid Syed]

My curl command works fine for querying, updating etc.

I don't think it is the fault of curl command.

I get the following error message when I tried to change the password of
solr-admin,








Error 403 Unauthorized request, Response code: 403



HTTP ERROR 403

Problem accessing /solr/admin/authentication. Reason:

Unauthorized request, Response code: 403






And if I give incorrect username and password, it states bad credentials
entered. So, I think the curl command is fine. There is some issue with
basic authentication.


Okay, One way around is to figure out how to convert my password into a
SHA256 (password + salt) and enter it in security.json file. But, I have no
idea how to generate the SHA256 equivalent of my password.


Any suggestions?



On Fri, Aug 2, 2019 at 10:55 AM Zheng Lin Edwin Yeo 
wrote:

> Hi Salmaan,
>
> Does your curl command works for other curl commands like normal querying?
> Or is it just not working when updating password and adding new users?
>
> Regards,
> Edwin
>
>
>
> On Fri, 2 Aug 2019 at 13:03, Salmaan Rashid Syed <
> salmaan.ras...@mroads.com>
> wrote:
>
> > Hi Zheng,
> >
> > I tried and it works. But, when I use the curl command to update password
> > or add new users it doesn't work.
> >
> > I don't know what is going wrong with curl command!
> >
> > Regards,
> > Salmaan
> >
> >
> > On Fri, Aug 2, 2019 at 8:26 AM Zheng Lin Edwin Yeo  >
> > wrote:
> >
> > > Have you tried to access the Solr Admin UI with your created user name
> > and
> > > password to see if it works?
> > >
> > > Regards,
> > > Edwin
> > >
> > > On Thu, 1 Aug 2019 at 19:51, Salmaan Rashid Syed <
> > > salmaan.ras...@mroads.com>
> > > wrote:
> > >
> > > > Hi Solr User,
> > > >
> > > > Please help me with my issue.
> > > >
> > > > I have enabled Solr basic authentication as shown in Solr
> > documentations.
> > > >
> > > > I have changed username from solr to solr-admin as follow
> > > >
> > > > {
> > > > "authentication":{
> > > >"blockUnknown": true,
> > > >"class":"solr.BasicAuthPlugin",
> > > >
> > > >
> > >
> "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> > > > Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
> > > > },
> > > > "authorization":{
> > > >"class":"solr.RuleBasedAuthorizationPlugin",
> > > >"permissions":[{"name":"security-edit",
> > > >   "role":"admin"}],
> > > >"user-role":{"solr-admin":"admin"}
> > > > }}
> > > >
> > > > I am able to login to the page using the credentials
> > > solr-admin:SolrRocks.
> > > >
> > > > But, when I try to change the default password using the curl command
> > as
> > > > follows,
> > > >
> > > > curl --user solr-admin:SolrRocks
> > > > http://localhost:8983/solr/admin/authentication -H
> > > > 'Content-type:application/json' -d
> > '{"set-user":{"solr-admin":"s2019"}}'
> > > >
> > > >
> > > > I get the following error message,
> > > >
> > > >
> > > > 
> > > >
> > > > 
> > > >
> > > > 
> > > >
> > > > Error 403 Unauthorized request, Response code: 403
> > > >
> > > > 
> > > >
> > > > HTTP ERROR 403
> > > >
> > > > Problem accessing /solr/admin/authentication. Reason:
> > > >
> > > > Unauthorized request, Response code: 403
> > > >
> > > > 
> > > >
> > > > 
> > > >
> > > >
> > > > Please help.
> > > >
> > > > Regards,
> > > > Salmaan
> > > >
> > > >
> > > > On Thu, Aug 1, 2019 at 1:51 PM Salmaan Rashid Syed <
> > > > salmaan.ras...@mroads.com> wrote:
> > > >
> > > > > Small correction in the user-name. It is solr-admin everywhere.
> > > > >
> > > > > Hi Solr Users,
> > > > >
> > > > > I have enabled Solr basic authentication as shown

Re: Basic Authentication problem

[Salmaan Rashid Syed]

Hi Zheng,

I tried and it works. But, when I use the curl command to update password
or add new users it doesn't work.

I don't know what is going wrong with curl command!

Regards,
Salmaan


On Fri, Aug 2, 2019 at 8:26 AM Zheng Lin Edwin Yeo 
wrote:

> Have you tried to access the Solr Admin UI with your created user name and
> password to see if it works?
>
> Regards,
> Edwin
>
> On Thu, 1 Aug 2019 at 19:51, Salmaan Rashid Syed <
> salmaan.ras...@mroads.com>
> wrote:
>
> > Hi Solr User,
> >
> > Please help me with my issue.
> >
> > I have enabled Solr basic authentication as shown in Solr documentations.
> >
> > I have changed username from solr to solr-admin as follow
> >
> > {
> > "authentication":{
> >"blockUnknown": true,
> >"class":"solr.BasicAuthPlugin",
> >
> >
> "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> > Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
> > },
> > "authorization":{
> >"class":"solr.RuleBasedAuthorizationPlugin",
> >"permissions":[{"name":"security-edit",
> >   "role":"admin"}],
> >"user-role":{"solr-admin":"admin"}
> > }}
> >
> > I am able to login to the page using the credentials
> solr-admin:SolrRocks.
> >
> > But, when I try to change the default password using the curl command as
> > follows,
> >
> > curl --user solr-admin:SolrRocks
> > http://localhost:8983/solr/admin/authentication -H
> > 'Content-type:application/json' -d '{"set-user":{"solr-admin":"s2019"}}'
> >
> >
> > I get the following error message,
> >
> >
> > 
> >
> > 
> >
> > 
> >
> > Error 403 Unauthorized request, Response code: 403
> >
> > 
> >
> > HTTP ERROR 403
> >
> > Problem accessing /solr/admin/authentication. Reason:
> >
> > Unauthorized request, Response code: 403
> >
> > 
> >
> > 
> >
> >
> > Please help.
> >
> > Regards,
> > Salmaan
> >
> >
> > On Thu, Aug 1, 2019 at 1:51 PM Salmaan Rashid Syed <
> > salmaan.ras...@mroads.com> wrote:
> >
> > > Small correction in the user-name. It is solr-admin everywhere.
> > >
> > > Hi Solr Users,
> > >
> > > I have enabled Solr basic authentication as shown in Solr
> documentations.
> > >
> > > I have changed username from solr to solr-admin as follow
> > >
> > > {
> > > "authentication":{
> > >"blockUnknown": true,
> > >"class":"solr.BasicAuthPlugin",
> > >
> > >
> > "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> > > Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
> > > },
> > > "authorization":{
> > >"class":"solr.RuleBasedAuthorizationPlugin",
> > >"permissions":[{"name":"security-edit",
> > >   "role":"admin"}],
> > >"user-role":{"solr-admin":"admin"}
> > > }}
> > >
> > > I am able to login to the page using the credentials
> > > mroads-solr-admin:SolrRocks.
> > >
> > > But, when I try to change the default password using the curl command
> as
> > > follows,
> > >
> > > curl --user solr-admin:SolrRocks
> > > http://localhost:8983/solr/admin/authentication -H
> > > 'Content-type:application/json' -d
> '{"set-user":{"solr-admin":"s2019"}}'
> > >
> > >
> > >
> > > I get the following error message,
> > >
> > >
> > > 
> > >
> > > 
> > >
> > > 
> > >
> > > Error 403 Unauthorized request, Response code: 403
> > >
> > > 
> > >
> > > HTTP ERROR 403
> > >
> > > Problem accessing /solr/admin/authentication. Reason:
> > >
> > > Unauthorized request, Response code: 403
> > >
> > > 
> > >
> > > 
> > >
> > >
> > > Please help.
> > >
> > >
> > > *Thanks and Regards,*
> > >

Re: Problem with uploading Large synonym files in cloud mode

[Salmaan Rashid Syed]

Thank you, I will definitely try it.

Regards,
Salmaan



On Thu, Aug 1, 2019 at 5:40 PM Bernd Fehling 
wrote:

>
>
> Am 01.08.19 um 13:57 schrieb Salmaan Rashid Syed:
> > After I make the -Djute.maxbuffer changes to Solr, deployed in
> production,
> > Do I need to restart the solr to be able to add synonyms >1MB?
>
> Yes, you have to restart Solr.
>
>
> >
> > Or, Was this supposed to be done before putting Solr to production ever?
> > Can we make chages when the Solr is running in production?
>
> It depends on your system. In my cloud with 5 shards and 3 replicas I can
> take one by one offline, stop, modify and start again without problems.
>
>
> >
> > Thanks.
> >
> > Regards,
> > Salmaan
> >
> >
> >
> > On Tue, Jul 30, 2019 at 4:53 PM Bernd Fehling <
> > bernd.fehl...@uni-bielefeld.de> wrote:
> >
> >> You have to increase the -Djute.maxbuffer for large configs.
> >>
> >> In Solr bin/solr/solr.in.sh use e.g.
> >> SOLR_OPTS="$SOLR_OPTS -Djute.maxbuffer=1000"
> >> This will increase maxbuffer for zookeeper on solr side to 10MB.
> >>
> >> In Zookeeper zookeeper/conf/zookeeper-env.sh
> >> SERVER_JVMFLAGS="$SERVER_JVMFLAGS -Djute.maxbuffer=1000"
> >>
> >> I have a >10MB Thesaurus and use 30MB for jute.maxbuffer, works perfect.
> >>
> >> Regards
> >>
> >>
> >> Am 30.07.19 um 13:09 schrieb Salmaan Rashid Syed:
> >>> Hi Solr Users,
> >>>
> >>> I have a very big synonym file (>5MB). I am unable to start Solr in
> cloud
> >>> mode as it throws an error message stating that the synonmys file is
> >>> too large. I figured out that the zookeeper doesn't take a file greater
> >>> than 1MB size.
> >>>
> >>> I tried to break down my synonyms file to smaller chunks less than 1MB
> >>> each. But, I am not sure about how to include all the filenames into
> the
> >>> Solr schema.
> >>>
> >>> Should it be seperated by commas like synonyms = "__1_synonyms.txt,
> >>> __2_synonyms.txt, __3synonyms.txt"
> >>>
> >>> Or is there a better way of doing that? Will the bigger file when
> broken
> >>> down to smaller chunks will be uploaded to zookeeper as well.
> >>>
> >>> Please help or please guide me to relevant documentation regarding
> this.
> >>>
> >>> Thank you.
> >>>
> >>> Regards.
> >>> Salmaan.
> >>>
> >>
> >
>

Re: Problem with uploading Large synonym files in cloud mode

[Salmaan Rashid Syed]

After I make the -Djute.maxbuffer changes to Solr, deployed in production,
Do I need to restart the solr to be able to add synonyms >1MB?

Or, Was this supposed to be done before putting Solr to production ever?
Can we make chages when the Solr is running in production?

Thanks.

Regards,
Salmaan



On Tue, Jul 30, 2019 at 4:53 PM Bernd Fehling <
bernd.fehl...@uni-bielefeld.de> wrote:

> You have to increase the -Djute.maxbuffer for large configs.
>
> In Solr bin/solr/solr.in.sh use e.g.
> SOLR_OPTS="$SOLR_OPTS -Djute.maxbuffer=1000"
> This will increase maxbuffer for zookeeper on solr side to 10MB.
>
> In Zookeeper zookeeper/conf/zookeeper-env.sh
> SERVER_JVMFLAGS="$SERVER_JVMFLAGS -Djute.maxbuffer=1000"
>
> I have a >10MB Thesaurus and use 30MB for jute.maxbuffer, works perfect.
>
> Regards
>
>
> Am 30.07.19 um 13:09 schrieb Salmaan Rashid Syed:
> > Hi Solr Users,
> >
> > I have a very big synonym file (>5MB). I am unable to start Solr in cloud
> > mode as it throws an error message stating that the synonmys file is
> > too large. I figured out that the zookeeper doesn't take a file greater
> > than 1MB size.
> >
> > I tried to break down my synonyms file to smaller chunks less than 1MB
> > each. But, I am not sure about how to include all the filenames into the
> > Solr schema.
> >
> > Should it be seperated by commas like synonyms = "__1_synonyms.txt,
> > __2_synonyms.txt, __3synonyms.txt"
> >
> > Or is there a better way of doing that? Will the bigger file when broken
> > down to smaller chunks will be uploaded to zookeeper as well.
> >
> > Please help or please guide me to relevant documentation regarding this.
> >
> > Thank you.
> >
> > Regards.
> > Salmaan.
> >
>

Re: Basic Authentication problem

[Salmaan Rashid Syed]

Hi Solr User,

Please help me with my issue.

I have enabled Solr basic authentication as shown in Solr documentations.

I have changed username from solr to solr-admin as follow

{
"authentication":{
   "blockUnknown": true,
   "class":"solr.BasicAuthPlugin",

 "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
},
"authorization":{
   "class":"solr.RuleBasedAuthorizationPlugin",
   "permissions":[{"name":"security-edit",
  "role":"admin"}],
   "user-role":{"solr-admin":"admin"}
}}

I am able to login to the page using the credentials solr-admin:SolrRocks.

But, when I try to change the default password using the curl command as
follows,

curl --user solr-admin:SolrRocks
http://localhost:8983/solr/admin/authentication -H
'Content-type:application/json' -d '{"set-user":{"solr-admin":"s2019"}}'


I get the following error message,








Error 403 Unauthorized request, Response code: 403



HTTP ERROR 403

Problem accessing /solr/admin/authentication. Reason:

Unauthorized request, Response code: 403






Please help.

Regards,
Salmaan


On Thu, Aug 1, 2019 at 1:51 PM Salmaan Rashid Syed <
salmaan.ras...@mroads.com> wrote:

> Small correction in the user-name. It is solr-admin everywhere.
>
> Hi Solr Users,
>
> I have enabled Solr basic authentication as shown in Solr documentations.
>
> I have changed username from solr to solr-admin as follow
>
> {
> "authentication":{
>"blockUnknown": true,
>"class":"solr.BasicAuthPlugin",
>
>  "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
> },
> "authorization":{
>"class":"solr.RuleBasedAuthorizationPlugin",
>"permissions":[{"name":"security-edit",
>   "role":"admin"}],
>"user-role":{"solr-admin":"admin"}
> }}
>
> I am able to login to the page using the credentials
> mroads-solr-admin:SolrRocks.
>
> But, when I try to change the default password using the curl command as
> follows,
>
> curl --user solr-admin:SolrRocks
> http://localhost:8983/solr/admin/authentication -H
> 'Content-type:application/json' -d '{"set-user":{"solr-admin":"s2019"}}'
>
>
>
> I get the following error message,
>
>
> 
>
> 
>
> 
>
> Error 403 Unauthorized request, Response code: 403
>
> 
>
> HTTP ERROR 403
>
> Problem accessing /solr/admin/authentication. Reason:
>
> Unauthorized request, Response code: 403
>
> 
>
> 
>
>
> Please help.
>
>
> *Thanks and Regards,*
> Salmaan Rashid Syed
> +91 8978353445 | www.panna.ai |
> 5550 Granite Pkwy, Suite #225, Plano TX-75024.
> Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.
>
>
>
> On Thu, Aug 1, 2019 at 1:48 PM Salmaan Rashid Syed <
> salmaan.ras...@mroads.com> wrote:
>
>> Hi Solr Users,
>>
>> I have enabled Solr basic authentication as shown in Solr documentations.
>>
>> I have changed username from solr to solr-admin as follow
>>
>> {
>> "authentication":{
>>"blockUnknown": true,
>>"class":"solr.BasicAuthPlugin",
>>
>>  "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
>> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
>> },
>> "authorization":{
>>"class":"solr.RuleBasedAuthorizationPlugin",
>>"permissions":[{"name":"security-edit",
>>   "role":"admin"}],
>>"user-role":{"solr-admin":"admin"}
>> }}
>>
>> I am able to login to the page using the credentials
>> mroads-solr-admin:SolrRocks.
>>
>> But, when I try to change the default password using the curl command as
>> follows,
>>
>> curl --user mroads-solr-admin:SolrRocks
>> http://localhost:8983/solr/admin/authentication -H
>> 'Content-type:application/json' -d '{"set-user":{"mroads-solr":"Mroads@2019
>> #"}}'
>>
>>
>>
>> I get the following error message,
>>
>>
>> 
>>
>> 
>>
>> 
>>
>> Error 403 Unauthorized request, Response code: 403
>>
>> 
>>
>> HTTP ERROR 403
>>
>> Problem accessing /solr/admin/authentication. Reason:
>>
>> Unauthorized request, Response code: 403
>>
>> 
>>
>> 
>>
>>
>> Please help.
>>
>>
>>
>> *Thanks and Regards,*
>> Salmaan Rashid Syed
>> +91 8978353445 | www.panna.ai |
>> 5550 Granite Pkwy, Suite #225, Plano TX-75024.
>> Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.
>>
>>
>

Re: Basic Authentication problem

[Salmaan Rashid Syed]

Small correction in the user-name. It is solr-admin everywhere.

Hi Solr Users,

I have enabled Solr basic authentication as shown in Solr documentations.

I have changed username from solr to solr-admin as follow

{
"authentication":{
   "blockUnknown": true,
   "class":"solr.BasicAuthPlugin",

 "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
},
"authorization":{
   "class":"solr.RuleBasedAuthorizationPlugin",
   "permissions":[{"name":"security-edit",
  "role":"admin"}],
   "user-role":{"solr-admin":"admin"}
}}

I am able to login to the page using the credentials
mroads-solr-admin:SolrRocks.

But, when I try to change the default password using the curl command as
follows,

curl --user solr-admin:SolrRocks
http://localhost:8983/solr/admin/authentication -H
'Content-type:application/json' -d '{"set-user":{"solr-admin":"s2019"}}'



I get the following error message,








Error 403 Unauthorized request, Response code: 403



HTTP ERROR 403

Problem accessing /solr/admin/authentication. Reason:

Unauthorized request, Response code: 403






Please help.


*Thanks and Regards,*
Salmaan Rashid Syed
+91 8978353445 | www.panna.ai |
5550 Granite Pkwy, Suite #225, Plano TX-75024.
Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.



On Thu, Aug 1, 2019 at 1:48 PM Salmaan Rashid Syed <
salmaan.ras...@mroads.com> wrote:

> Hi Solr Users,
>
> I have enabled Solr basic authentication as shown in Solr documentations.
>
> I have changed username from solr to solr-admin as follow
>
> {
> "authentication":{
>"blockUnknown": true,
>"class":"solr.BasicAuthPlugin",
>
>  "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
> },
> "authorization":{
>"class":"solr.RuleBasedAuthorizationPlugin",
>"permissions":[{"name":"security-edit",
>   "role":"admin"}],
>"user-role":{"solr-admin":"admin"}
> }}
>
> I am able to login to the page using the credentials
> mroads-solr-admin:SolrRocks.
>
> But, when I try to change the default password using the curl command as
> follows,
>
> curl --user mroads-solr-admin:SolrRocks
> http://localhost:8983/solr/admin/authentication -H
> 'Content-type:application/json' -d '{"set-user":{"mroads-solr":"Mroads@2019
> #"}}'
>
>
>
> I get the following error message,
>
>
> 
>
> 
>
> 
>
> Error 403 Unauthorized request, Response code: 403
>
> 
>
> HTTP ERROR 403
>
> Problem accessing /solr/admin/authentication. Reason:
>
> Unauthorized request, Response code: 403
>
> 
>
> 
>
>
> Please help.
>
>
>
> *Thanks and Regards,*
> Salmaan Rashid Syed
> +91 8978353445 | www.panna.ai |
> 5550 Granite Pkwy, Suite #225, Plano TX-75024.
> Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.
>
>

Basic Authentication problem

[Salmaan Rashid Syed]

Hi Solr Users,

I have enabled Solr basic authentication as shown in Solr documentations.

I have changed username from solr to solr-admin as follow

{
"authentication":{
   "blockUnknown": true,
   "class":"solr.BasicAuthPlugin",

 "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
},
"authorization":{
   "class":"solr.RuleBasedAuthorizationPlugin",
   "permissions":[{"name":"security-edit",
  "role":"admin"}],
   "user-role":{"solr-admin":"admin"}
}}

I am able to login to the page using the credentials
mroads-solr-admin:SolrRocks.

But, when I try to change the default password using the curl command as
follows,

curl --user mroads-solr-admin:SolrRocks
http://localhost:8983/solr/admin/authentication -H
'Content-type:application/json' -d '{"set-user":{"mroads-solr":"Mroads@2019
#"}}'



I get the following error message,








Error 403 Unauthorized request, Response code: 403



HTTP ERROR 403

Problem accessing /solr/admin/authentication. Reason:

Unauthorized request, Response code: 403






Please help.



*Thanks and Regards,*
Salmaan Rashid Syed
+91 8978353445 | www.panna.ai |
5550 Granite Pkwy, Suite #225, Plano TX-75024.
Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.

Re: Problem with uploading Large synonym files in cloud mode

[Salmaan Rashid Syed]

Hi all,

Thanks for your invaluable and helpful answers.

I currently don't have an external zookeeper loaded. I am working as per
the documentation for solr cloud without external zookeeper. I will later
add the external zookeeper once the changes works as expected.

*1) Will I still need to make changes to zookeeper-env.sh? Or the changes
to solr.in.sh <http://solr.in.sh> will suffice?*

I have an additional query that is slightly off topic but related to
synonyms.
My synonyms file will be updated with new words with time. What is the
procedure to update the synonyms file without shutting down the solr in
production?

What I am thinking is to replace all the similar words in a documents using
an external program before I index them to Solr. This way I don't have to
worry about the synonyms file size and updation.

*2) Do you think this is better way forward?*

Thanks for all you help.

Regards,
Salmaan




On Tue, Jul 30, 2019 at 4:53 PM Bernd Fehling <
bernd.fehl...@uni-bielefeld.de> wrote:

> You have to increase the -Djute.maxbuffer for large configs.
>
> In Solr bin/solr/solr.in.sh use e.g.
> SOLR_OPTS="$SOLR_OPTS -Djute.maxbuffer=1000"
> This will increase maxbuffer for zookeeper on solr side to 10MB.
>
> In Zookeeper zookeeper/conf/zookeeper-env.sh
> SERVER_JVMFLAGS="$SERVER_JVMFLAGS -Djute.maxbuffer=1000"
>
> I have a >10MB Thesaurus and use 30MB for jute.maxbuffer, works perfect.
>
> Regards
>
>
> Am 30.07.19 um 13:09 schrieb Salmaan Rashid Syed:
> > Hi Solr Users,
> >
> > I have a very big synonym file (>5MB). I am unable to start Solr in cloud
> > mode as it throws an error message stating that the synonmys file is
> > too large. I figured out that the zookeeper doesn't take a file greater
> > than 1MB size.
> >
> > I tried to break down my synonyms file to smaller chunks less than 1MB
> > each. But, I am not sure about how to include all the filenames into the
> > Solr schema.
> >
> > Should it be seperated by commas like synonyms = "__1_synonyms.txt,
> > __2_synonyms.txt, __3synonyms.txt"
> >
> > Or is there a better way of doing that? Will the bigger file when broken
> > down to smaller chunks will be uploaded to zookeeper as well.
> >
> > Please help or please guide me to relevant documentation regarding this.
> >
> > Thank you.
> >
> > Regards.
> > Salmaan.
> >
>

Problem with uploading Large synonym files in cloud mode

[Salmaan Rashid Syed]

Hi Solr Users,

I have a very big synonym file (>5MB). I am unable to start Solr in cloud
mode as it throws an error message stating that the synonmys file is
too large. I figured out that the zookeeper doesn't take a file greater
than 1MB size.

I tried to break down my synonyms file to smaller chunks less than 1MB
each. But, I am not sure about how to include all the filenames into the
Solr schema.

Should it be seperated by commas like synonyms = "__1_synonyms.txt,
__2_synonyms.txt, __3synonyms.txt"

Or is there a better way of doing that? Will the bigger file when broken
down to smaller chunks will be uploaded to zookeeper as well.

Please help or please guide me to relevant documentation regarding this.

Thank you.

Regards.
Salmaan.

Re: Accessing Solr collections at different ports - Need help

[Salmaan Rashid Syed]

Thanks Jorn for your reply.

I say that the nodes are limited to 4 because when I launch Solr in cloud
mode, the first prompt that I get is to choose number of nodes [1-4]. When
I tried to enter 7, it says that they are more than 4 and choose a smaller
number.


*Thanks and Regards,*
Salmaan Rashid Syed
+91 8978353445 | www.panna.ai |
5550 Granite Pkwy, Suite #225, Plano TX-75024.
Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.



On Fri, May 3, 2019 at 12:05 PM Jörn Franke  wrote:

> BTW why do you think that SolrCloud is limited to 4 nodes? More are for
> sure possible.
>
> > Am 03.05.2019 um 07:54 schrieb Salmaan Rashid Syed <
> salmaan.ras...@mroads.com>:
> >
> > Hi Solr Users,
> >
> > I am using Solr 7.6 in cloud mode with external zookeeper installed at
> > ports 2181, 2182, 2183. Currently we have only one server allocated for
> > Solr. We are planning to move to multiple servers for better sharing,
> > replication etc in near future.
> >
> > Now the issue is that, our organisation has data indexed for different
> > clients as separate collections. We want to uniquely access, update and
> > index each collection separately so that each individual client has
> access
> > to their respective collections at their respective ports. Eg:—
> Collection1
> > at port 8983, Collection2 at port 8984, Collection3 at port 8985 etc.
> >
> > I have two options I guess, one is to run Solr in cloud mode with 4 nodes
> > (max as limited by Solr) at 4 different ports. I don’t know how to go
> > beyond 4 nodes/ports in this case.
> >
> > The other option is to run Solr as service and create multiple copies of
> > Solr folder within the Server folder and access each Solr at different
> port
> > with its own collection as shown by
> > https://www.youtube.com/watch?v=wmQFwK2sujE
> >
> > I am really confused as to which is the better path to choose. Please
> help
> > me out.
> >
> > Thanks.
> >
> > Regards,
> > Salmaan
> >
> >
> > *Thanks and Regards,*
> > Salmaan Rashid Syed
> > +91 8978353445 | www.panna.ai |
> > 5550 Granite Pkwy, Suite #225, Plano TX-75024.
> > Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.
>

Re: Accessing Solr collections at different ports - Need help

[Salmaan Rashid Syed]

Thanks Walter,

Since I am new to Solr and by looking at your suggestion, it looks like I
am trying to do something very complicated and out-of-box capabilities of
Solr. I really don't want to do that.

I am not from Computer Science background and my specialisation is in
Analytics and AI.

Let me put my case scenario briefly.

We have developed a customised Solr-search engine that can search for data
(prepared, cleaned and preprocessed by us) in each individual Solr
collection.

Every client of ours is from a different vertical (like health,
engineering, public services, finance, casual works etc). They search for
data in their respective Solr collection. They also add, update and
re-index their respective data periodically.

As suggested by you, if I port-out all the collections from a single port,
will not the latency increase, wil not the burden on a single server
increase, will not the computational speed slows down as all the clients
are trying to speak to the same port simultaneously.

Or do you think that Solr-as-service is better option, where I can create
multiple Solr instances at different ports with collections of individual
clients in each solr instance.

To be honest, I really don't know what Solr-as-service is really trying to
accomplish.

Apologies for lengthy question and Thanks in advance.


*Thanks and Regards,*
Salmaan Rashid Syed
+91 8978353445 | www.panna.ai |
5550 Granite Pkwy, Suite #225, Plano TX-75024.
Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.



On Fri, May 3, 2019 at 11:59 AM Walter Underwood 
wrote:

> The best option is to run all the collections at the same port.
> Intra-cluster communication cannot be split over multiple ports, so this
> would require big internal changes to Solr. And what about communication
> that does not belong to a collection, like electing an overseer node?
>
> Why do you want the very non-standard configuration?
>
> If you must have it, run a webserver like nginx on each node, configure it
> to do this crazy multiple port thing for external traffic and to forward
> all traffic to Solr’s single port.
>
> wunder
> Walter Underwood
> wun...@wunderwood.org
> http://observer.wunderwood.org/  (my blog)
>
> > On May 3, 2019, at 7:54 AM, Salmaan Rashid Syed <
> salmaan.ras...@mroads.com> wrote:
> >
> > Hi Solr Users,
> >
> > I am using Solr 7.6 in cloud mode with external zookeeper installed at
> > ports 2181, 2182, 2183. Currently we have only one server allocated for
> > Solr. We are planning to move to multiple servers for better sharing,
> > replication etc in near future.
> >
> > Now the issue is that, our organisation has data indexed for different
> > clients as separate collections. We want to uniquely access, update and
> > index each collection separately so that each individual client has
> access
> > to their respective collections at their respective ports. Eg:—
> Collection1
> > at port 8983, Collection2 at port 8984, Collection3 at port 8985 etc.
> >
> > I have two options I guess, one is to run Solr in cloud mode with 4 nodes
> > (max as limited by Solr) at 4 different ports. I don’t know how to go
> > beyond 4 nodes/ports in this case.
> >
> > The other option is to run Solr as service and create multiple copies of
> > Solr folder within the Server folder and access each Solr at different
> port
> > with its own collection as shown by
> > https://www.youtube.com/watch?v=wmQFwK2sujE
> >
> > I am really confused as to which is the better path to choose. Please
> help
> > me out.
> >
> > Thanks.
> >
> > Regards,
> > Salmaan
> >
> >
> > *Thanks and Regards,*
> > Salmaan Rashid Syed
> > +91 8978353445 | www.panna.ai |
> > 5550 Granite Pkwy, Suite #225, Plano TX-75024.
> > Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.
>
>

Accessing Solr collections at different ports

[Salmaan Rashid Syed]

Hi Solr Users,

I am using Solr 7.6 in cloud mode with external zookeeper installed at ports 
2181, 2182, 2183. Currently we have only one server allocated for Solr. We are 
planning to move to multiple servers for better sharing, replication etc in 
near future.

Now the issue is that, our organisation has data indexed for different clients 
as separate collections. We want to uniquely access, update and index each 
collection separately so that each individual client has access to their 
respective collections at their respective ports. Eg:— Collection1 at port 
8983, Collection2 at port 8984, Collection3 at port 8985 etc.

I have two options I guess, one is to run Solr in cloud mode with 4 nodes (max 
as limited by Solr) at 4 different ports. I don’t know how to go beyond 4 
nodes/ports in this case.

The other option is to run Solr as service and create multiple copies of Solr 
folder within the Server folder and access each Solr at different port with its 
own collection as shown by https://www.youtube.com/watch?v=wmQFwK2sujE 
 

I am really confused as to which is the better path to choose. Please help me 
out.

Thanks.

Regards,
Salmaan

Accessing Solr collections at different ports - Need help

[Salmaan Rashid Syed]

Hi Solr Users,

I am using Solr 7.6 in cloud mode with external zookeeper installed at
ports 2181, 2182, 2183. Currently we have only one server allocated for
Solr. We are planning to move to multiple servers for better sharing,
replication etc in near future.

Now the issue is that, our organisation has data indexed for different
clients as separate collections. We want to uniquely access, update and
index each collection separately so that each individual client has access
to their respective collections at their respective ports. Eg:— Collection1
at port 8983, Collection2 at port 8984, Collection3 at port 8985 etc.

I have two options I guess, one is to run Solr in cloud mode with 4 nodes
(max as limited by Solr) at 4 different ports. I don’t know how to go
beyond 4 nodes/ports in this case.

The other option is to run Solr as service and create multiple copies of
Solr folder within the Server folder and access each Solr at different port
with its own collection as shown by
https://www.youtube.com/watch?v=wmQFwK2sujE

I am really confused as to which is the better path to choose. Please help
me out.

Thanks.

Regards,
Salmaan


*Thanks and Regards,*
Salmaan Rashid Syed
+91 8978353445 | www.panna.ai |
5550 Granite Pkwy, Suite #225, Plano TX-75024.
Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.

Installing Solr as service to multiple clients

[Salmaan Rashid Syed]

Hi,

I want to install solr as service for our numerous clients. I am currently 
working in solr-7.6.0 in cloud mode on an ubuntu machine.

I am really unsure about how to facet our services to multiple clients. Every 
client has a unique data to index and they want their data to be stored as big 
data (i.e., backing-up indexed data in nodes and shards) with external 
zookeeper installed.

I tried running install_solr_service.sh and index data. But, I am not sure if 
this is cloud environment. I also cannot figure out how to index data (as shown 
in solr-cloud documentation) nor can I create nodes and shards.

I tried to solve the above problem as per cloud tutorial in 
https://lucene.apache.org/solr/guide/7_7/solr-tutorial.html 
, but I am not 
sure if indexes of multiple clients are not over-written/infringed upon each 
other.

Can you please suggest me what is the best way to move forward? What is the 
best solution? Can you please point me to previous email in archive where 
people had similar problem or point to relevant documentation?

Thanks a lot in advance.

Regards,

Salmaan