Re: Apache Solr 8.4.1 Basic Authentication

2020-03-27 Thread Mike Phillips 


The line webResource = client.resource(resourceUrl); defines what action 
I am performing example 
"https://localhost:8985/solr/CoreName/select?q=*%3A*;
Are you setting up your URL correctly. My snippet was outlining the 
additional Authorization header that needs to also be part of the 
request but assuming you were already going to a valid URL.


On 3/26/2020 3:59 PM, Altamirano, Emmanuel wrote:


Thank you so much for replying my email Mike.

I did use now the base64 to encode user and password but now Solr 
doesn’t undertint the credentials:


{Accept=[application/json], Content-Type=[application/json], 
*Authorization*=[Basic c29scjpTb2xyUm9ja3M=]}>] 
ERROR[org.springframework.web.client.HttpClientErrorException: 404 Not 
Found]


Before I got:

{Accept=[application/json], Content-Type=[application/json], 
*Authorization*=[Basic solr:SolrRocks]}>] 
ERROR[org.springframework.web.client.HttpClientErrorException: 401 
Invalid authentication token]


Is there something else that I need to configure?

*Emmanuel Altamirano,*

Consultant- Global Technology

International Operations

*Telephone:*312-985-3149

*Mobile:*312-860-3774

*cid:image001.png@01D02A68.19FA64F0*

555 W. Adams 5^th Floor

Chicago, IL 60661

_transunion.com <http://www.transunion.com/>___

This email including, without limitation, the attachments, if any, 
accompanying this email, may contain information which is confidential 
or privileged and exempt from disclosure under applicable law. The 
information is for the use of the intended recipient. If you are not 
the intended recipient, be aware that any disclosure, copying, 
distribution, review or use of the contents of this email, and/or its 
attachments, is without authorization and is prohibited. If you have 
received this email in error, please notify us by reply email 
immediately and destroy all copies of this email and its attachments.


*From:* Mike Phillips 
*Sent:* Thursday, March 26, 2020 3:10 PM
*To:* Altamirano, Emmanuel 
*Subject:* Re: Apache Solr 8.4.1 Basic Authentication

*EXTERNAL SENDER:* Exercise caution with links and attachments.

I use Jersey to talk to solr. Here is a code snippet. You seem to be 
on the right track but you need to base64 encode the username/password 
bytes.


    String combined = username + ":" + password;
    String  encoded = base64.encode(combined.getBytes());
    String  authHeader = "Basic " + encoded;

    // Setup need to encode the query
    webResource = client.resource(resourceUrl);
    webResource.accept("*.*");

    // Perform request
    response = webResource.header("Content-Type", "application/json")
    .header("Authorization", authHeader)
    .get(ClientResponse.class);
    respStatus = response.getStatus();

On 3/26/2020 12:27 PM, Altamirano, Emmanuel wrote:

Hello everyone,

We recently enable Solr Basic Authentication in our Dev
environment and we are testing Solr security. We followed the
instructions provided in the Apache Solr website and it is working
using curl command.

If you could provide us any advice of how do we need to send the
credentials in the HTTP headers in a Java program? It is very
appreciate it.

HttpHeaders headers= *new*HttpHeaders();

headers.setAccept(Arrays./asList/(MediaType.*/APPLICATION_JSON/*));

headers.setContentType(MediaType.*/APPLICATION_JSON/*);

headers.add("Authorization", "Basic "+ "solr:SolrRocks");

Thanks,

*Emmanuel Altamirano,*

Consultant- Global Technology

International Operations

*Telephone:*312-985-3149

*Mobile:*312-860-3774

*cid:image001.png@01D02A68.19FA64F0*

555 W. Adams 5^th Floor

Chicago, IL 60661

_transunion.com <http://www.transunion.com/>_

This email including, without limitation, the attachments, if any,
accompanying this email, may contain information which is
confidential or privileged and exempt from disclosure under
applicable law. The information is for the use of the intended
recipient. If you are not the intended recipient, be aware that
any disclosure, copying, distribution, review or use of the
contents of this email, and/or its attachments, is without
authorization and is prohibited. If you have received this email
in error, please notify us by reply email immediately and destroy
all copies of this email and its attachments.

Re: Apache Solr 8.4.1 Basic Authentication

2020-03-26 Thread lstusr 5u93n4 
Hey Emmanuel,

If you're using Java, I'd highly suggest using solrj, it'll do the work
that you need it to do:

SolrRequest req ;//create a new request object
req.setBasicAuthCredentials(userName, password);
solrClient.request(req);


If that doesn't work for you for some reason, you need to base64 encode the
username:password combo for basic http auth:

String auth =
Base64.getEncoder().encodeToString("solr:SolrRocks".getBytes());

headers.add("Authorization", "Basic " +  auth );

Also, I'm not sure if java.net.HttpClient has basic auth built in, but
apache HttpClient sure does...

Kyle

On Thu, 26 Mar 2020 at 15:27, Altamirano, Emmanuel <
emmanuel.altamir...@transunion.com> wrote:

> Hello everyone,
>
>
>
> We recently enable Solr Basic Authentication in our Dev environment and we
> are testing Solr security. We followed the instructions provided in the
> Apache Solr website and it is working using curl command.
>
>
>
> If you could provide us any advice of how do we need to send the
> credentials in the HTTP headers in a Java program? It is very appreciate it.
>
>
>
> HttpHeaders headers = *new* HttpHeaders();
>
> headers.setAccept(Arrays.*asList*(MediaType.*APPLICATION_JSON*));
>
> headers.setContentType(MediaType.*APPLICATION_JSON*);
>
> headers.add("Authorization", "Basic " + "solr:SolrRocks");
>
>
>
> Thanks,
>
>
>
> *Emmanuel Altamirano,*
>
> Consultant - Global Technology
>
> International Operations
>
>
>
> *Telephone:* 312-985-3149
>
> *Mobile:* 312-860-3774
>
>
>
> *[image: cid:image001.png@01D02A68.19FA64F0]*
>
>
>
> 555 W. Adams 5th Floor
>
> Chicago, IL 60661
>
> *transunion.com *
>
>
>
> This email including, without limitation, the attachments, if any,
> accompanying this email, may contain information which is confidential or
> privileged and exempt from disclosure under applicable law. The information
> is for the use of the intended recipient. If you are not the intended
> recipient, be aware that any disclosure, copying, distribution, review or
> use of the contents of this email, and/or its attachments, is without
> authorization and is prohibited. If you have received this email in error,
> please notify us by reply email immediately and destroy all copies of this
> email and its attachments.
>
>
>

Apache Solr 8.4.1 Basic Authentication

2020-03-26 Thread Altamirano, Emmanuel 
Hello everyone,

We recently enable Solr Basic Authentication in our Dev environment and we are 
testing Solr security. We followed the instructions provided in the Apache Solr 
website and it is working using curl command.

If you could provide us any advice of how do we need to send the credentials in 
the HTTP headers in a Java program? It is very appreciate it.

HttpHeaders headers = new HttpHeaders();
headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
headers.setContentType(MediaType.APPLICATION_JSON);
headers.add("Authorization", "Basic " + "solr:SolrRocks");

Thanks,

Emmanuel Altamirano,
Consultant - Global Technology
International Operations

Telephone: 312-985-3149
Mobile: 312-860-3774

[cid:image001.png@01D02A68.19FA64F0]

555 W. Adams 5th Floor
Chicago, IL 60661
transunion.com

This email including, without limitation, the attachments, if any, accompanying 
this email, may contain information which is confidential or privileged and 
exempt from disclosure under applicable law. The information is for the use of 
the intended recipient. If you are not the intended recipient, be aware that 
any disclosure, copying, distribution, review or use of the contents of this 
email, and/or its attachments, is without authorization and is prohibited. If 
you have received this email in error, please notify us by reply email 
immediately and destroy all copies of this email and its attachments.