Re: HTTP Basic Authentication with solr's jetty

Fri, 01 Nov 2013 08:44:53 -0700 

Thus wrote Fabiano Sidler:
> Hi folks!
> 
> I was asking this question last week already on the jetty mailing list, but
> haven't got any answer.
> 
> I'm going to run multiple Solr instances on one server, which arises the need
> of user authentication in front of Solr. I've done the following steps (after
> a lot of others which didn't work):
> 
> === snip ===
> diff -wur solr-4.5.0.orig/example/etc/jetty.xml 
> solr-4.5.0/example/etc/jetty.xml
> --- solr-4.5.0.orig/example/etc/jetty.xml 2013-09-12 14:12:53.000000000 +0200
> +++ solr-4.5.0/example/etc/jetty.xml     2013-10-28 17:14:49.000000000 +0100
> @@ -12,6 +12,16 @@
> 
>  <Configure id="Server" class="org.eclipse.jetty.server.Server">
> 
> +    <Call name="addBean">
> +      <Arg>
> +        <New class="org.eclipse.jetty.security.HashLoginService">
> +          <Set name="name">Test Realm</Set>
> +          <Set 
> name="config">/some/path/solr-4.5.0/example/passwords.properties</Set>
> +          <Set name="refreshInterval">0</Set>
> +        </New>
> +      </Arg>
> +    </Call>
> +
>      <!-- =========================================================== -->
>      <!-- Server Thread Pool                                          -->
>      <!-- =========================================================== -->
> diff -wur solr-4.5.0.orig/example/etc/webdefault.xml 
> solr-4.5.0/example/etc/webdefault.xml
> --- solr-4.5.0.orig/example/etc/webdefault.xml    2013-09-12 
> 14:12:53.000000000 +0200
> +++ solr-4.5.0/example/etc/webdefault.xml        2013-10-28 
> 17:27:43.000000000 +0100
> @@ -520,8 +520,14 @@
>        <url-pattern>/</url-pattern>
>        <http-method>TRACE</http-method>
>      </web-resource-collection>
> -    <auth-constraint/>
> +    <auth-constraint>
> +      <role-name>*</role-name>
> +    </auth-constraint>
>    </security-constraint>
> 
> +  <login-config>
> +    <auth-method>BASIC</auth-method>
> +    <realm-name>Test Realm</realm-name>
> +  </login-config>
>  </web-app>
> diff 
> === snap ===
> 
> The example/password.properties file contains the following test accounts:
> === snip ===
> user: user,user
> admin: admin,admin
> === snap ===
> 
> The problem now is that still no authentication is run by jetty and thus I
> can connect to Solr core without being authenticated. What is still neede
> to finally activate authentication?
> 
> Greetings,
> Fabiano

Hello? Not anyone with an idea or who has already done that?

Greetings,
Fabiano

Reply via email to