I'm trying to set up basic authentication/authorization with solr 6.6.0.
The documentation says to create a security.json file and describes the
content as:
{
"authentication":{
"class":"solr.BasicAuthPlugin",
"credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
},
"authorization":{
"class":"solr.RuleBasedAuthorizationPlugin",
"permissions":[{"name":"security-edit",
"role":"admin"}]
"user-role":{"solr":"admin"}
}}
Does that mean to literally use exactly the above as the security.json content,
or customize it (in some fashion)?
The documentation also mentions that the initial admin person is a user named
"solr" with a password: "SolrRocks" What's unclear is whether that's the
password on which the hash (in security.json) was created or what?
What I can't figure out is whether the password hash is fixed, or whether it
should be generated, and if so, how?
Also, some people on the web recommend altering the jetty xml files to do this
- is it necessary too?
I'm certain this is fairly simple once I can get started - but I'm having
trouble getting past step 1, and any help would be appreciated.
Terry
