Re: Adding authentication
This is a Solr problem and not ZK problem. This is something we have encountered before. Which version of java are you using? On Sat, Dec 8, 2018 at 1:42 AM Adam Blank wrote: > > Hi, > > I'm not sure if this would be more of a Zookeeper or Solr question, but I'm > hoping you can help me. I'm trying to add user authentication to my > SolrCloud configuration (to secure my Solr admin consoles). I have 3 > Zookeeper servers and 2 Solr nodes running. Zookeeper version 3.4.6 and > Solr version 5.5.0 on AIX. I have uploaded a security.json file to > Zookeeper using Solr's zkcli.sh script, and now I am prompted for a > username/password when logging into the Solr admin console as expected. > However, I am receiving the following error in my Solr log after rebooting: > > 2018-11-30 19:02:55.105 ERROR > (recoveryExecutor-3-thread-2-processing-n::8983_solr > x:formdoc_shard1_replica1 s:shard1 c:formdoc r:core_node1) [c:formdoc > s:shard1 r:core_node1 x:formdoc_shard1 > _replica1] o.a.s.c.RecoveryStrategy Error while trying to recover. > core=formdoc_shard1_replica1:java.util.concurrent.ExecutionException: > org.apache.solr.common.SolrException: java.security.InvalidKeyExcep > tion: Invalid RSA key for encrypting; n (1024) < 2048 > at java.util.concurrent.FutureTask.report(FutureTask.java:133) > at java.util.concurrent.FutureTask.get(FutureTask.java:203) > at > org.apache.solr.cloud.RecoveryStrategy.sendPrepRecoveryCmd(RecoveryStrategy.java:596) > at > org.apache.solr.cloud.RecoveryStrategy.doRecovery(RecoveryStrategy.java:353) > at > org.apache.solr.cloud.RecoveryStrategy.run(RecoveryStrategy.java:224) > at > java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:522) > at java.util.concurrent.FutureTask.run(FutureTask.java:277) > at > org.apache.solr.common.util.ExecutorUtil$MDCAwareThreadPoolExecutor$1.run(ExecutorUtil.java:231) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1160) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) > at java.lang.Thread.run(Thread.java:785) > Caused by: org.apache.solr.common.SolrException: > java.security.InvalidKeyException: Invalid RSA key for encrypting; n (1024) > < 2048 > at > org.apache.solr.util.CryptoKeys$RSAKeyPair.encrypt(CryptoKeys$RSAKeyPair.java:67) > at > org.apache.solr.security.PKIAuthenticationPlugin.setHeader(PKIAuthenticationPlugin.java:287) > at > org.apache.solr.security.PKIAuthenticationPlugin$HttpHeaderClientConfigurer.process(PKIAuthenticationPlugin.java:257) > at > org.apache.http.protocol.ImmutableHttpProcessor.process(ImmutableHttpProcessor.java:132) > at > org.apache.http.protocol.HttpRequestExecutor.preProcess(HttpRequestExecutor.java:166) > at > org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:485) > at > org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882) > at > org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) > at > org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) > at > org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55) > at > org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:481) > at > org.apache.solr.client.solrj.impl.HttpSolrClient$1.call(HttpSolrClient.java:284) > at > org.apache.solr.client.solrj.impl.HttpSolrClient$1.call(HttpSolrClient.java:280) > ... 5 more > Caused by: java.security.InvalidKeyException: Invalid RSA key for > encrypting; n (1024) < 2048 > at com.rsa.cryptoj.o.fy.engineInit(Unknown Source) > at com.rsa.cryptoj.o.fy.engineInit(Unknown Source) > at javax.crypto.Cipher.a(Unknown Source) > at javax.crypto.Cipher.a(Unknown Source) > at javax.crypto.Cipher.init(Unknown Source) > at javax.crypto.Cipher.init(Unknown Source) > at > org.apache.solr.util.CryptoKeys$RSAKeyPair.encrypt(CryptoKeys$RSAKeyPair.java:62) > ... 17 more > > I tried updating the Java class > org/apache/solr/util/CryptoKeys$RSAKeyPair.class > in ./server/solr-webapp/webapp/WEB-INF/lib/solr-core-5.5.0.jar to change > the hardcoded value of 1024 to 2048, however then I received the following > error: > > 2018-11-30 19:11:17.387 ERROR > (recoveryExecutor-3-thread-1-processing-n::8983_solr > x:formdoc_shard2_replica1 s:shard2 c:formdoc r:core_node2) [c:formdoc > s:shard2 r:core_node2 x:formdoc_shard2 > _replica1] o.a.s.c.RecoveryStrategy Error while trying to recover. > core=formdoc_shard2_replica1:java.util.concurrent.ExecutionException: > org.apache.solr.common.SolrException: javax.crypto.IllegalBlockSize > Exception: Invalid input. > at java.util.concurrent.FutureTask.report(FutureTask.java:133) >
Adding authentication
Hi, I'm not sure if this would be more of a Zookeeper or Solr question, but I'm hoping you can help me. I'm trying to add user authentication to my SolrCloud configuration (to secure my Solr admin consoles). I have 3 Zookeeper servers and 2 Solr nodes running. Zookeeper version 3.4.6 and Solr version 5.5.0 on AIX. I have uploaded a security.json file to Zookeeper using Solr's zkcli.sh script, and now I am prompted for a username/password when logging into the Solr admin console as expected. However, I am receiving the following error in my Solr log after rebooting: 2018-11-30 19:02:55.105 ERROR (recoveryExecutor-3-thread-2-processing-n::8983_solr x:formdoc_shard1_replica1 s:shard1 c:formdoc r:core_node1) [c:formdoc s:shard1 r:core_node1 x:formdoc_shard1 _replica1] o.a.s.c.RecoveryStrategy Error while trying to recover. core=formdoc_shard1_replica1:java.util.concurrent.ExecutionException: org.apache.solr.common.SolrException: java.security.InvalidKeyExcep tion: Invalid RSA key for encrypting; n (1024) < 2048 at java.util.concurrent.FutureTask.report(FutureTask.java:133) at java.util.concurrent.FutureTask.get(FutureTask.java:203) at org.apache.solr.cloud.RecoveryStrategy.sendPrepRecoveryCmd(RecoveryStrategy.java:596) at org.apache.solr.cloud.RecoveryStrategy.doRecovery(RecoveryStrategy.java:353) at org.apache.solr.cloud.RecoveryStrategy.run(RecoveryStrategy.java:224) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:522) at java.util.concurrent.FutureTask.run(FutureTask.java:277) at org.apache.solr.common.util.ExecutorUtil$MDCAwareThreadPoolExecutor$1.run(ExecutorUtil.java:231) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1160) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.lang.Thread.run(Thread.java:785) Caused by: org.apache.solr.common.SolrException: java.security.InvalidKeyException: Invalid RSA key for encrypting; n (1024) < 2048 at org.apache.solr.util.CryptoKeys$RSAKeyPair.encrypt(CryptoKeys$RSAKeyPair.java:67) at org.apache.solr.security.PKIAuthenticationPlugin.setHeader(PKIAuthenticationPlugin.java:287) at org.apache.solr.security.PKIAuthenticationPlugin$HttpHeaderClientConfigurer.process(PKIAuthenticationPlugin.java:257) at org.apache.http.protocol.ImmutableHttpProcessor.process(ImmutableHttpProcessor.java:132) at org.apache.http.protocol.HttpRequestExecutor.preProcess(HttpRequestExecutor.java:166) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:485) at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55) at org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:481) at org.apache.solr.client.solrj.impl.HttpSolrClient$1.call(HttpSolrClient.java:284) at org.apache.solr.client.solrj.impl.HttpSolrClient$1.call(HttpSolrClient.java:280) ... 5 more Caused by: java.security.InvalidKeyException: Invalid RSA key for encrypting; n (1024) < 2048 at com.rsa.cryptoj.o.fy.engineInit(Unknown Source) at com.rsa.cryptoj.o.fy.engineInit(Unknown Source) at javax.crypto.Cipher.a(Unknown Source) at javax.crypto.Cipher.a(Unknown Source) at javax.crypto.Cipher.init(Unknown Source) at javax.crypto.Cipher.init(Unknown Source) at org.apache.solr.util.CryptoKeys$RSAKeyPair.encrypt(CryptoKeys$RSAKeyPair.java:62) ... 17 more I tried updating the Java class org/apache/solr/util/CryptoKeys$RSAKeyPair.class in ./server/solr-webapp/webapp/WEB-INF/lib/solr-core-5.5.0.jar to change the hardcoded value of 1024 to 2048, however then I received the following error: 2018-11-30 19:11:17.387 ERROR (recoveryExecutor-3-thread-1-processing-n::8983_solr x:formdoc_shard2_replica1 s:shard2 c:formdoc r:core_node2) [c:formdoc s:shard2 r:core_node2 x:formdoc_shard2 _replica1] o.a.s.c.RecoveryStrategy Error while trying to recover. core=formdoc_shard2_replica1:java.util.concurrent.ExecutionException: org.apache.solr.common.SolrException: javax.crypto.IllegalBlockSize Exception: Invalid input. at java.util.concurrent.FutureTask.report(FutureTask.java:133) at java.util.concurrent.FutureTask.get(FutureTask.java:203) at org.apache.solr.cloud.RecoveryStrategy.sendPrepRecoveryCmd(RecoveryStrategy.java:596) at org.apache.solr.cloud.RecoveryStrategy.doRecovery(RecoveryStrategy.java:353) at org.apache.solr.cloud.RecoveryStrategy.run(RecoveryStrategy.java:224) at
Re: Adding authentication Token to the CommonsHttpSolrServer
On Fri, Mar 13, 2009 at 12:03 AM, Narayanan, Karthikeyan karthikeyan.naraya...@gs.com wrote: Hi, We have installed the Solr in Tomcat server and enabled the security constraint at the Tomcat level.. We require to pass the authentication token(cookie) to the search call that is made using CommonsHttpSolrServer. Would like to know how can I add the token to the CommonsHttpSolrServer. Appreciate any idea on this. I took a look at commons-httpclient javadocs. This should work: Create an instance of HttpState and use the HttpState#addCookie to add your auth cookie. Then you can create an instance of HttpClient and use HttpClient#setState method to pass the HttpState object. Finally pass this HttpClient object to the constructor of CommonsHttpSolrServer. -- Regards, Shalin Shekhar Mangar.
Re: Adding authentication Token to the CommonsHttpSolrServer
You should be able to pass any custom URL parameters using ModifiableSolrParams class. Otis -- Sematext -- http://sematext.com/ -- Lucene - Solr - Nutch - Original Message From: Narayanan, Karthikeyan karthikeyan.naraya...@gs.com To: solr-user@lucene.apache.org Sent: Thursday, March 12, 2009 2:33:28 PM Subject: Adding authentication Token to the CommonsHttpSolrServer Hi, We have installed the Solr in Tomcat server and enabled the security constraint at the Tomcat level.. We require to pass the authentication token(cookie) to the search call that is made using CommonsHttpSolrServer. Would like to know how can I add the token to the CommonsHttpSolrServer. Appreciate any idea on this. Thanks. Karthik
Adding authentication Token to the CommonsHttpSolrServer
Hi, We have installed the Solr in Tomcat server and enabled the security constraint at the Tomcat level.. We require to pass the authentication token(cookie) to the search call that is made using CommonsHttpSolrServer. Would like to know how can I add the token to the CommonsHttpSolrServer. Appreciate any idea on this. Thanks. Karthik