Then I can only guess that in current configuration decrypted password is empty string.
Try to manually replace some characters in encpwd.txt file to see if you get different errors; try to delete this file completely to see if you get different errors. Try to add new line in this file; try to change password in config file. On November 2, 2016 at 5:23:33 PM, Jamie Jackson (jamieja...@gmail.com) wrote: I should have mentioned that I verified connectivity with plain passwords: From the same machine that Solr's running on: solr@000650cbdd5e:/opt/solr$ mysql -uroot -pOakton153 -h local.mysite.com mysite -e "select 'foo' as bar;" +-----+ | bar | +-----+ | foo | +-----+ Also, if I add the plain-text password to the config, it connects fine: <dataSource driver="org.mariadb.jdbc.Driver" url="jdbc:mysql://local.mysite.com:3306/mysite" user="root" password="Oakton153" /> So that is why I claim to have a problem with encryptKeyFile, specifically, because I've eliminated general connectivity/authentication problems. Thanks, Jamie On Wed, Nov 2, 2016 at 4:58 PM, Fuad Efendi <f...@efendi.ca> wrote: > In MySQL, this command will explicitly allow to connect from > remote ICZ2002912 host, check MySQL documentation: > > GRANT ALL ON mysite.* TO 'root’@'ICZ2002912' IDENTIFIED BY ‘Oakton123’; > > > > On November 2, 2016 at 4:41:48 PM, Fuad Efendi (f...@efendi.ca) wrote: > > This is the root of the problem: > "Access denied for user 'root'@'ICZ2002912' (using password: NO) “ > > > First of all, ensure that plain (non-encrypted) password settings work for > you. > > Check that you can connect using MySQL client from ICZ2002912 to your > MySQL & Co. instance > > I suspect you need to allow MySQL & Co. to accept connections > from ICZ2002912. Plus, check DNS resolution, etc. > > > Thanks, > > > -- > Fuad Efendi > (416) 993-2060 > http://www.tokenizer.ca > Recommender Systems > > > On November 2, 2016 at 2:37:08 PM, Jamie Jackson (jamieja...@gmail.com) > wrote: > > I'm at a brick wall. Here's the latest status: > > Here are some sample commands that I'm using: > > *Create the encryptKeyFile and encrypted password:* > > > encrypter_password='this_is_my_encrypter_password' > plain_db_pw='Oakton153' > > cd /var/docker/solr_stage2/credentials/ > echo -n "${encrypter_password}" > encpwd.txt > echo -n "${plain_db_pwd}" > plaindbpwd.txt > openssl enc -aes-128-cbc -a -salt -in plaindbpwd.txt -k > "${encrypter_password}" > > rm plaindbpwd.txt > > That generated this as the password, by the way: > > U2FsdGVkX19pBVTeZaSl43gFFAlrx+Th1zSg1GvlX9o= > > *Configure DIH configuration:* > > <dataConfig> > > <dataSource > driver="org.mariadb.jdbc.Driver" > url="jdbc:mysql://local.mysite.com:3306/mysite" > user="root" > password="U2FsdGVkX19pBVTeZaSl43gFFAlrx+Th1zSg1GvlX9o=" > encryptKeyFile="/opt/solr/credentials/encpwd.txt" > /> > ... > > > By the way, /var/docker/solr_stage2/credentials/ is mapped to > /opt/solr/credentials/ in the docker container, so that's why the paths > *seem* different (but aren't, really). > > > *Authentication error when data import is run:* > > Exception while processing: question document : > SolrInputDocument(fields: > []):org.apache.solr.handler.dataimport.DataImportHandlerException: > Unable to execute query: select 'foo' as bar; Processing > Document # 1 > at org.apache.solr.handler.dataimport.DataImportHandlerException. > wrapAndThrow(DataImportHandlerException.java:69) > at org.apache.solr.handler.dataimport.JdbcDataSource$ > ResultSetIterator.<init>(JdbcDataSource.java:323) > at org.apache.solr.handler.dataimport.JdbcDataSource. > getData(JdbcDataSource.java:283) > at org.apache.solr.handler.dataimport.JdbcDataSource. > getData(JdbcDataSource.java:52) > at org.apache.solr.handler.dataimport.SqlEntityProcessor. > initQuery(SqlEntityProcessor.java:59) > at org.apache.solr.handler.dataimport.SqlEntityProcessor. > nextRow(SqlEntityProcessor.java:73) > at org.apache.solr.handler.dataimport.EntityProcessorWrapper.nextRow( > EntityProcessorWrapper.java:244) > at org.apache.solr.handler.dataimport.DocBuilder. > buildDocument(DocBuilder.java:475) > at org.apache.solr.handler.dataimport.DocBuilder. > buildDocument(DocBuilder.java:414) > at org.apache.solr.handler.dataimport.DocBuilder. > doFullDump(DocBuilder.java:329) > at org.apache.solr.handler.dataimport.DocBuilder.execute( > DocBuilder.java:232) > at org.apache.solr.handler.dataimport.DataImporter. > doFullImport(DataImporter.java:416) > at org.apache.solr.handler.dataimport.DataImporter. > runCmd(DataImporter.java:480) > at org.apache.solr.handler.dataimport.DataImporter$1.run( > DataImporter.java:461) > Caused by: java.sql.SQLInvalidAuthorizationSpecException: Could not > connect: Access denied for user 'root'@'ICZ2002912' (using password: > NO) > at org.mariadb.jdbc.internal.util.ExceptionMapper.get( > ExceptionMapper.java:123) > at org.mariadb.jdbc.internal.util.ExceptionMapper.throwException( > ExceptionMapper.java:71) > at org.mariadb.jdbc.Driver.connect(Driver.java:109) > at org.apache.solr.handler.dataimport.JdbcDataSource$1. > call(JdbcDataSource.java:192) > at org.apache.solr.handler.dataimport.JdbcDataSource$1. > call(JdbcDataSource.java:172) > at org.apache.solr.handler.dataimport.JdbcDataSource. > getConnection(JdbcDataSource.java:503) > at org.apache.solr.handler.dataimport.JdbcDataSource$ > ResultSetIterator.<init>(JdbcDataSource.java:313) > ... 12 more > Caused by: org.mariadb.jdbc.internal.util.dao.QueryException: Could > not connect: Access denied for user 'root'@'ICZ2002912' (using > password: NO) > at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol. > authentication(AbstractConnectProtocol.java:524) > at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol. > handleConnectionPhases(AbstractConnectProtocol.java:472) > at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol.connect( > AbstractConnectProtocol.java:374) > at org.mariadb.jdbc.internal.protocol.AbstractConnectProtocol. > connectWithoutProxy(AbstractConnectProtocol.java:763) > at org.mariadb.jdbc.internal.util.Utils.retrieveProxy(Utils.java:469) > at org.mariadb.jdbc.Driver.connect(Driver.java:104) > ... 16 more > > > > On Thu, Oct 6, 2016 at 2:42 PM, Jamie Jackson <jamieja...@gmail.com> > wrote: > > > It happens to be ten characters. > > > > On Thu, Oct 6, 2016 at 12:44 PM, Alexandre Rafalovitch < > arafa...@gmail.com > > > wrote: > > > >> How long is the encryption key (file content)? Because the code I am > >> looking at seems to expect it to be at most 100 characters. > >> > >> Regards, > >> Alex. > >> ---- > >> Newsletter and resources for Solr beginners and intermediates: > >> http://www.solr-start.com/ > >> > >> > >> On 6 October 2016 at 23:26, Kevin Risden <compuwizard...@gmail.com> > >> wrote: > >> > I haven't tried this but is it possible there is a new line at the end > >> in > >> > the file? > >> > > >> > If you did something like echo "" > file.txt then there would be a new > >> > line. Use echo -n "" > file.txt > >> > > >> > Also you should be able to check how many characters are in the file. > >> > > >> > Kevin Risden > >> > > >> > On Wed, Oct 5, 2016 at 5:00 PM, Jamie Jackson <jamieja...@gmail.com> > >> wrote: > >> > > >> >> Hi Folks, > >> >> > >> >> (Using Solr 5.5.3.) > >> >> > >> >> As far as I know, the only place where encrypted password use is > >> documented > >> >> is in > >> >> https://cwiki.apache.org/confluence/display/solr/ > >> >> Uploading+Structured+Data+Store+Data+with+the+Data+Import+Handler, > >> >> under the "Configuring the DIH Configuration File", in a comment in > the > >> >> sample XML file: > >> >> > >> >> <!-- > >> >> Alternately the password can be encrypted as follows. This is the > value > >> >> obtained as a result of the command > >> >> openssl enc -aes-128-cbc -a -salt -in pwd.txt > >> >> password="U2FsdGVkX18QMjY0yfCqlfBMvAB4d3XkwY96L7gfO2o=" > >> >> WHen the password is encrypted, you must provide an extra attribute > >> >> encryptKeyFile="/location/of/encryptionkey" > >> >> This file should a text file with a single line containing the > >> >> encrypt/decrypt password > >> >> --> > >> >> > >> >> Anyway, I can encrypt just fine: > >> >> > >> >> $ openssl enc -aes-128-cbc -a -salt -in stgps.txt > >> >> enter aes-128-cbc encryption password: > >> >> Verifying - enter aes-128-cbc encryption password: > >> >> U2FsdGVkX1+VtVoQtmEREvB5qZjn3131+N4jRXmjyIY= > >> >> > >> >> > >> >> I can also decrypt just fine from the command line. > >> >> > >> >> However, if I use the encrypted password and encryptKeyFile in the > >> config > >> >> file, I end up with an error: "String length must be a multiple of > >> four." > >> >> > >> >> https://gist.github.com/jamiejackson/3852dacb03432328ea187d43ade5e4 > d9 > >> >> > >> >> How do I get this working? > >> >> > >> >> Thanks, > >> >> Jamie > >> >> > >> > > > > >
