I got your screenshot (https://www.dropbox.com/s/7tbn7gx3uag6jcg/crippledSolrGUI.jpg?dl=0 <https://www.dropbox.com/s/7tbn7gx3uag6jcg/crippledSolrGUI.jpg?dl=0>)
This is quite uncommon. You should see a loging screen if you have basicAuth enabled. Have you tried a different browser? What do you get if you run this command curl -i http://your-solr-url/solr/admin/info/system Or if you use your browser’s developer tools to inspect network traffic? Jan > 12. des. 2019 kl. 23:49 skrev Jan Høydahl <jan....@cominvent.com>: > > Attachments are stripped from list, can you post a link to the screenshot of > the UI when you first visit? > > Jan > >> 12. des. 2019 kl. 17:27 skrev Oakley, Craig (NIH/NLM/NCBI) [C] >> <craig.oak...@nih.gov.INVALID>: >> >> Below is the security.json (with password hashes redacted): in Solr7.4 it >> prompts for a password and (if you get it right) lets you into the whole >> GUI; But in Solr8.1.1 and in Solr 8.3, it does not prompt for a password >> before letting you into a crippled version of the GUI (as depicted in the >> attachment) >> >> { >> "authentication":{ >> "class":"solr.BasicAuthPlugin", >> "credentials":{ >> "solradmin":"[redacted]", >> "pysolrmon":"[redacted]", >> "solrtrg":"[redacted]"}, >> "":{"v":2}}, >> "authorization":{ >> "class":"solr.RuleBasedAuthorizationPlugin", >> "user-role":{ >> "solradmin":[ >> "admin", >> "allgen", >> "trgadmin", >> "genadmin"], >> "solrtrg":[ >> "trgadmin", >> "allgen"], >> "pysolrmon":["clustatus_role"]}, >> "permissions":[ >> { >> "name":"gen_admin", >> "collection":"NULL", >> "path":"/admin/cores", >> "params":{"action":[ >> "REGEX:(?i)CREATE", >> "REGEX:(?i)RENAME", >> "REGEX:(?i)SWAP", >> "REGEX:(?i)UNLOAD", >> "REGEX:(?i)SPLIT"]}, >> "role":"genadmin"}, >> { >> "name":"col_admin", >> "collection":null, >> "path":"/admin/collections", >> "params":{"action":[ >> "REGEX:(?i)CREATE", >> "REGEX:(?i)MODIFYCOLLECTION", >> "REGEX:(?i)SPLITSHARD", >> "REGEX:(?i)CREATESHARD", >> "REGEX:(?i)DELETESHARD", >> "REGEX:(?i)CREATEALIAS", >> "REGEX:(?i)DELETEALIAS", >> "REGEX:(?i)DELETE", >> "REGEX:(?i)DELETEREPLICA", >> "REGEX:(?i)ADDREPLICA", >> "REGEX:(?i)CLUSTERPROP", >> "REGEX:(?i)MIGRATE", >> "REGEX:(?i)ADDROLE", >> "REGEX:(?i)REMOVEROLE", >> "REGEX:(?i)ADDREPLICAPROP", >> "REGEX:(?i)DELETEREPLICAPROP", >> "REGEX:(?i)BALANCESHARDUNIQUE", >> "REGEX:(?i)REBALANCELEADERS", >> "REGEX:(?i)FORCELEADER", >> "REGEX:(?i)MIGRATESTATEFORMAT"]}, >> "role":"genadmin"}, >> { >> "name":"security-edit", >> "role":"admin"}, >> { >> "name":"clustatus", >> "path":"/admin/collections", >> "params":{"action":["REGEX:(?i)CLUSTERSTATUS"]}, >> "role":[ >> "clustatus_role", >> "allgen"], >> "collection":null}, >> { >> "name":"corestatus", >> "path":"/admin/cores", >> "params":{"action":["REGEX:(?i)STATUS"]}, >> "role":[ >> "allgen", >> "clustatus_role"], >> "collection":null}, >> { >> "name":"trgadmin", >> "collection":"trg_col", >> "path":"/admin/*", >> "role":"trgadmin"}, >> { >> "name":"open_select", >> "path":"/select/*", >> "role":null}, >> { >> "name":"open_search", >> "path":"/search/*", >> "role":null}, >> { >> "name":"catch-all-nocollection", >> "collection":null, >> "path":"/*", >> "role":"allgen"}, >> { >> "name":"catch-all-collection", >> "path":"/*", >> "role":"allgen"}, >> { >> "name":"all-admincol", >> "collection":null, >> "path":"/admin/collections", >> "role":"allgen"}, >> { >> "name":"all-admincores", >> "collection":null, >> "path":"/admin/cores", >> "role":"allgen"}], >> "":{"v":5}}} >> >> -----Original Message----- >> From: Jan Høydahl <jan....@cominvent.com> >> Sent: Wednesday, December 11, 2019 7:35 PM >> To: solr-user@lucene.apache.org >> Subject: Re: Solr8 changes how security.json restricts access to GUI >> >> Please show your complete Security.json so we know how auth is configured. >> Which 8.x version are you trying? There should be a login screen shown in >> admin UI now. >> >> Jan Høydahl >> >>> 11. des. 2019 kl. 22:40 skrev Oakley, Craig (NIH/NLM/NCBI) [C] >>> <craig.oak...@nih.gov.invalid>: >>> >>> In Solr 7, we had clauses in our security.json saying >>> >>> { >>> "name":"all-admin", >>> "collection":null, >>> "path":"/*", >>> "role":"allgen", >>> "index":15}, >>> { >>> "name":"all-core-handlers", >>> "path":"/*", >>> "role":"allgen", >>> "index":16}, >>> >>> We granted the role allgen to all users; but this kept our security folk >>> happy in that no one could even get to the top level of the Solr GUI >>> without a password. >>> >>> Now under Solr 8, the GUI does not prompt for a password. It just brings >>> you into the GUI (albeit a stripped down version, saying such things as "No >>> cores available"). By what means can we require a password to get this far? >>> And by what means can we prompt for a password in order to get further? >
