authentication

Thu, 16 Nov 2017 05:06:37 -0800 

Hi
I'm having trouble with setting up authentication. My security.json looks like this: 

{
        "authentication":{
                "class":"solr.BasicAuthPlugin",
                "blockUnknown": false,
                "credentials":{

"admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= 
Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=",
"nagios":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= 
Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=",
"smsc":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= 
Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="

                }
        },
        "authorization":{
                "class":"solr.RuleBasedAuthorizationPlugin",
                "user-role":{
                        "admin":"role_admin",
                        "nagios":"role_monitoring",
                        "smsc":"role_smsc"
                },
                "permissions":[
                        {
                                "name":"all",
                                "role":"role_admin"
                        },
                        {
                                "name":"config-read",
                                "role":"role_monitoring"
                        },
                        {
                                "name":"read",
                                "role":"role_smsc"
                        },
                        {
                                "name":"update",
                                "role":"role_smsc"
                        }
                ]
        }
}


When trying to login with for example check_solr_metrics.pl and the 
nagios user the output is "CRITICAL: 403 Unauthorized request, Response 
code: 403". Solr logging is showing these lines:



DEBUG - 2017-11-16 13:42:51.785; [c:smsc_lvs s:shard2 r:core_node1 
x:smsc_lvs_shard2_replica1] org.apache.solr.servlet.SolrDispatchFilter; 
Request to authenticate: Request(GET 
//solr01:8983/solr/mydoc/admin/mbeans?stats=true&cat=UPDATE&key=%2Fupdate&omitHeader=off&wt=json&start=0&rows=3)@2722dc57, 
domain: 10.1.1.42, port: 8983
DEBUG - 2017-11-16 13:42:51.786; [c:smsc_lvs s:shard2 r:core_node1 
x:smsc_lvs_shard2_replica1] org.apache.solr.servlet.SolrDispatchFilter; 
User principal: [principal: nagios]
DEBUG - 2017-11-16 13:42:51.786; [c:smsc_mydoc s:shard1 r:core_node2 
x:smsc_mydoc_shard1_replica1] org.apache.solr.servlet.HttpSolrCall; 
PkiAuthenticationPlugin says authorization required : true
DEBUG - 2017-11-16 13:42:51.786; [c:smsc_mydoc s:shard1 r:core_node2 
x:smsc_mydoc_shard1_replica1] org.apache.solr.servlet.HttpSolrCall; 
AuthorizationContext : userPrincipal: [[principal: nagios]] type: 
[UNKNOWN], collections: [smsc_mydoc, smsc_mydoc,], Path: [/admin/mbeans] 
path : /admin/mbeans params 
:stats=true&omitHeader=off&cat=UPDATE&start=0&rows=3&wt=json&key=/update&collection=smsc_mydoc
INFO  - 2017-11-16 13:42:51.786; [c:smsc_mydoc s:shard1 r:core_node2 
x:smsc_mydoc_shard1_replica1] 
org.apache.solr.security.RuleBasedAuthorizationPlugin; This resource is 
configured to have a permission {

  "name":"all",

  "role":"role_admin"}, The principal [principal: nagios] does not have 
the right role
INFO  - 2017-11-16 13:42:51.787; [c:smsc_mydoc s:shard1 r:core_node2 
x:smsc_mydoc_shard1_replica1] org.apache.solr.servlet.HttpSolrCall; 
USER_REQUIRED auth header Basic bmFnaW9zOlNvbHJSb2Nrcw== context : 
userPrincipal: [[principal: nagios]] type: [UNKNOWN], collections: 
[smsc_mydoc, smsc_mydoc,], Path: [/admin/mbeans] path : /admin/mbeans 
params 
:stats=true&omitHeader=off&cat=UPDATE&start=0&rows=3&wt=json&key=/update&collection=smsc_mydoc 

DEBUG - 2017-11-16 13:42:51.787; [c:smsc_mydoc s:shard1 r:core_node2 
x:smsc_mydoc_shard1_replica1] org.apache.solr.servlet.HttpSolrCall; 
Closing out SolrRequest: 
{stats=true&omitHeader=off&cat=UPDATE&start=0&rows=3&wt=json&key=/update&collection=smsc_mydoc}


Anybody an idea what I'm doing wrong here?

Thx!
Arkadi






















					Reply via email to