Turns out I had to specify the path param to /select, while setting the permission.
But this is random..I created a new permission and assigned it to the same user, and now the user with this role is able to get data. "set-permission": {"name": "read-collections", "role":"readonly","path":"/select"} How does this work ? Is there actually a permission called read-collections? > On Mar 5, 2019, at 7:08 PM, Aroop Ganguly <aroopgang...@icloud.com> wrote: > > Hi Team > > I am playing around with rule based auth and I wanted to create a role which > is readonly. > I gave the “read” permission to the role, but I am not able to get data from > the /select handler. > A simple select request results in this response: > > <html> > <head> > <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/> > <title>Error 403 Unauthorized request, Response code: 403</title> > </head> > <body><h2>HTTP ERROR 403</h2> > <p>Problem accessing /solr/my_collection/select. Reason: > <pre> Unauthorized request, Response code: 403</pre></p> > </body> > </html> > > What permission must I give to this role to let it have non-update read > access on solr endpoints? > > I went through the list of permissions listed here: > https://lucene.apache.org/solr/guide/6_6/rule-based-authorization-plugin.html#Rule-BasedAuthorizationPlugin-PredefinedPermissions > > <https://lucene.apache.org/solr/guide/6_6/rule-based-authorization-plugin.html#Rule-BasedAuthorizationPlugin-PredefinedPermissions>, > > but I cannot imagine this being an exhaustive list; be that as it may I > thought “read” seemed to be the right permission. > > Please advise. > > Thanks > Aroop