The hash value
"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="
is based on both the plain text password AND the plain test login. Since
"solr" is not the same string as "solr-admin", the password will not work. If
the only authorization in security.json is restricting security-edit, then you
can do anything else with any password, or with no password.
What you can do is setup the security.json file as specified in the Reference
Guide (whence you got the hash of the login and password), then use the default
solr login to run your set-user (to add the solr-admin user alongside the
existing solr login), then use the default solr login to run
{"set-user-role":{"solr-admin":["security-edit"]}}, and then (when you are sure
things are correctly setup for solr-admin) drop the default solr login
-----Original Message-----
From: Salmaan Rashid Syed <salmaan.ras...@mroads.com>
Sent: Thursday, August 01, 2019 7:51 AM
To: solr-user@lucene.apache.org
Subject: Re: Basic Authentication problem
Hi Solr User,
Please help me with my issue.
I have enabled Solr basic authentication as shown in Solr documentations.
I have changed username from solr to solr-admin as follow
{
"authentication":{
"blockUnknown": true,
"class":"solr.BasicAuthPlugin",
"credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
},
"authorization":{
"class":"solr.RuleBasedAuthorizationPlugin",
"permissions":[{"name":"security-edit",
"role":"admin"}],
"user-role":{"solr-admin":"admin"}
}}
I am able to login to the page using the credentials solr-admin:SolrRocks.
But, when I try to change the default password using the curl command as
follows,
curl --user solr-admin:SolrRocks
http://localhost:8983/solr/admin/authentication -H
'Content-type:application/json' -d '{"set-user":{"solr-admin":"s2019"}}'
I get the following error message,
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 403 Unauthorized request, Response code: 403</title>
</head>
<body><h2>HTTP ERROR 403</h2>
<p>Problem accessing /solr/admin/authentication. Reason:
<pre> Unauthorized request, Response code: 403</pre></p>
</body>
</html>
Please help.
Regards,
Salmaan
On Thu, Aug 1, 2019 at 1:51 PM Salmaan Rashid Syed <
salmaan.ras...@mroads.com> wrote:
> Small correction in the user-name. It is solr-admin everywhere.
>
> Hi Solr Users,
>
> I have enabled Solr basic authentication as shown in Solr documentations.
>
> I have changed username from solr to solr-admin as follow
>
> {
> "authentication":{
> "blockUnknown": true,
> "class":"solr.BasicAuthPlugin",
>
> "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
> },
> "authorization":{
> "class":"solr.RuleBasedAuthorizationPlugin",
> "permissions":[{"name":"security-edit",
> "role":"admin"}],
> "user-role":{"solr-admin":"admin"}
> }}
>
> I am able to login to the page using the credentials
> mroads-solr-admin:SolrRocks.
>
> But, when I try to change the default password using the curl command as
> follows,
>
> curl --user solr-admin:SolrRocks
> http://localhost:8983/solr/admin/authentication -H
> 'Content-type:application/json' -d '{"set-user":{"solr-admin":"s2019"}}'
>
>
>
> I get the following error message,
>
>
> <html>
>
> <head>
>
> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
>
> <title>Error 403 Unauthorized request, Response code: 403</title>
>
> </head>
>
> <body><h2>HTTP ERROR 403</h2>
>
> <p>Problem accessing /solr/admin/authentication. Reason:
>
> <pre> Unauthorized request, Response code: 403</pre></p>
>
> </body>
>
> </html>
>
>
> Please help.
>
>
> *Thanks and Regards,*
> Salmaan Rashid Syed
> +91 8978353445 | www.panna.ai |
> 5550 Granite Pkwy, Suite #225, Plano TX-75024.
> Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.
>
>
>
> On Thu, Aug 1, 2019 at 1:48 PM Salmaan Rashid Syed <
> salmaan.ras...@mroads.com> wrote:
>
>> Hi Solr Users,
>>
>> I have enabled Solr basic authentication as shown in Solr documentations.
>>
>> I have changed username from solr to solr-admin as follow
>>
>> {
>> "authentication":{
>> "blockUnknown": true,
>> "class":"solr.BasicAuthPlugin",
>>
>> "credentials":{"solr-admin":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
>> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
>> },
>> "authorization":{
>> "class":"solr.RuleBasedAuthorizationPlugin",
>> "permissions":[{"name":"security-edit",
>> "role":"admin"}],
>> "user-role":{"solr-admin":"admin"}
>> }}
>>
>> I am able to login to the page using the credentials
>> mroads-solr-admin:SolrRocks.
>>
>> But, when I try to change the default password using the curl command as
>> follows,
>>
>> curl --user mroads-solr-admin:SolrRocks
>> http://localhost:8983/solr/admin/authentication -H
>> 'Content-type:application/json' -d '{"set-user":{"mroads-solr":"Mroads@2019
>> #"}}'
>>
>>
>>
>> I get the following error message,
>>
>>
>> <html>
>>
>> <head>
>>
>> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
>>
>> <title>Error 403 Unauthorized request, Response code: 403</title>
>>
>> </head>
>>
>> <body><h2>HTTP ERROR 403</h2>
>>
>> <p>Problem accessing /solr/admin/authentication. Reason:
>>
>> <pre> Unauthorized request, Response code: 403</pre></p>
>>
>> </body>
>>
>> </html>
>>
>>
>> Please help.
>>
>>
>>
>> *Thanks and Regards,*
>> Salmaan Rashid Syed
>> +91 8978353445 | www.panna.ai |
>> 5550 Granite Pkwy, Suite #225, Plano TX-75024.
>> Cyber Gateways, Hi-tech City, Hyderabad, Telangana, India.
>>
>>
>
