Turns out I had to specify the path param to /select, while setting the
permission.
But this is random..I created a new permission and assigned it to the same
user, and now the user with this role is able to get data.
"set-permission": {"name": "read-collections",
"role":"readonly","path":"/select"}
How does this work ? Is there actually a permission called read-collections?
> On Mar 5, 2019, at 7:08 PM, Aroop Ganguly <aroopgang...@icloud.com> wrote:
>
> Hi Team
>
> I am playing around with rule based auth and I wanted to create a role which
> is readonly.
> I gave the “read” permission to the role, but I am not able to get data from
> the /select handler.
> A simple select request results in this response:
>
> <html>
> <head>
> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
> <title>Error 403 Unauthorized request, Response code: 403</title>
> </head>
> <body><h2>HTTP ERROR 403</h2>
> <p>Problem accessing /solr/my_collection/select. Reason:
> <pre> Unauthorized request, Response code: 403</pre></p>
> </body>
> </html>
>
> What permission must I give to this role to let it have non-update read
> access on solr endpoints?
>
> I went through the list of permissions listed here:
> https://lucene.apache.org/solr/guide/6_6/rule-based-authorization-plugin.html#Rule-BasedAuthorizationPlugin-PredefinedPermissions
>
> <https://lucene.apache.org/solr/guide/6_6/rule-based-authorization-plugin.html#Rule-BasedAuthorizationPlugin-PredefinedPermissions>,
>
> but I cannot imagine this being an exhaustive list; be that as it may I
> thought “read” seemed to be the right permission.
>
> Please advise.
>
> Thanks
> Aroop
