I've only done it against Solr cloud, but I don't know a reason why it
wouldn't work against standalone Solr.
Nothing is jumping out at me as being wrong with your config. My JAAS
config was the following:
SolrJClient {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
keyTab="/Users/bbende/Projects/docker-kdc/krb5.keytab"
storeKey=true
useTicketCache=false
debug=true
principal="[email protected]";
};
Can you successfully access Solr from a curl command?
curl --negotiate -u :
"http://vmsol001.epg.nam.gm.com:8983/solr/collection1/select";
Assuming you did a kinit first.
On Fri, Oct 12, 2018 at 2:48 PM Dan Caulfield <[email protected]> wrote:
>
> When attempting to use the putsolrcontentstream (Version 1.6.0) to load json
> file into a Solr 6.3 cluster that requires Kerberos authentication.
>
>
>
> I have set the -D java.security.auth.login.config=/disk-1/nifi/jaas/jaas.conf
>
>
>
> And the jass file looks like this -
>
> MicroServicesSolrClient {
>
> com.sun.security.auth.module.Krb5LoginModule required
>
> useKeyTab=true
>
> storeKey=true
>
> keyTab="/disk-1/nifi/keytabs/MSSolrClient"
>
> serviceName="solr"
>
> principal="[email protected]";
>
> };
>
> GMASTSolrClient {
>
> com.sun.security.auth.module.Krb5LoginModule required
>
> useKeyTab=true
>
> storeKey=true
>
> useTicketCache=true
>
> debug=true
>
> keyTab="/disk-1/nifi/keytabs/GMSolrClient"
>
> serviceName="solr"
>
> principal="[email protected]";
>
> };
>
>
>
> The Processor is set to –
>
> Solr Type – Standard
>
> Solr Location - http://vmsol001.epg.nam.gm.com:8983/solr/collection1/
>
> Content Stream Path - /update/json/docs
>
> Content-Type – application/json
>
> JAAS Client App Name – GMASTSolrClient
>
>
>
> Does the 1.6 version of the PutSolrContentStream support Kerberos? We are
> getting the 401 authentication error -
>
>
>
>
>
> 198730787914459,size=119100] to Solr due to
> org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error
> from server at http://vmsol001.epg.nam.gm.com:8983/solr: Expected mime type
> application/octet-stream but got text/html. <html>
>
> <head>
>
> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
>
> <title>Error 401 Authentication required</title>
>
> </head>
>
> <body><h2>HTTP ERROR 401</h2>
>
> <p>Problem accessing /solr/select. Reason:
>
> <pre> Authentication required</pre></p>
>
> </body>
>
> </html>
>
> ; routing to failure:
> org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error
> from server at http://vmsol001.epg.nam.gm.com:8983/solr: Expected mime type
> application/octet-stream but got text/html. <html>
>
> <head>
>
> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
>
> <title>Error 401 Authentication required</title>
>
> </head>
>
> <body><h2>HTTP ERROR 401</h2>
>
> <p>Problem accessing /solr/select. Reason:
>
> <pre> Authentication required</pre></p>
>
> </body>
>
> </html>
>
>
>
> org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error
> from server at http://vmsol001.epg.nam.gm.com:8983/solr: Expected mime type
> application/octet-stream but got text/html. <html>
>
> <head>
>
> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
>
> <title>Error 401 Authentication required</title>
>
> </head>
>
> <body><h2>HTTP ERROR 401</h2>
>
> org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error
> from server at http://vmsol001.epg.nam.gm.com:8983/solr: Expected mime type
> application/octet-stream but got text/html. <html>
>
> <head>
>
> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
>
> <title>Error 401 Authentication required</title>
>
> </head>
>
> <body><h2>HTTP ERROR 401</h2>
>
> <p>Problem accessing /solr/select. Reason:
>
> <pre> Authentication required</pre></p>
>
> </body>
>
> </html>
>
>
>
> at
> org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:560)
>
> at
> org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:261)
>
> at
> org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:250)
>
> at
> org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:149)
>
> at
> org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:166)
>
> at
> org.apache.nifi.processors.solr.PutSolrContentStream$1.process(PutSolrContentStream.java:242)
>
> at
> org.apache.nifi.controller.repository.StandardProcessSession.read(StandardProcessSession.java:2207)
>
> at
> org.apache.nifi.controller.repository.StandardProcessSession.read(StandardProcessSession.java:2175)
>
> at
> org.apache.nifi.processors.solr.PutSolrContentStream.onTrigger(PutSolrContentStream.java:199)
>
> at
> org.apache.nifi.processor.AbstractProcessor.onTrigger(AbstractProcessor.java:27)
>
> at
> org.apache.nifi.controller.StandardProcessorNode.onTrigger(StandardProcessorNode.java:1147)
>
> at
> org.apache.nifi.controller.tasks.ConnectableTask.invoke(ConnectableTask.java:175)
>
> at
> org.apache.nifi.controller.scheduling.TimerDrivenSchedulingAgent$1.run(TimerDrivenSchedulingAgent.java:117)
>
> at
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>
> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308)
>
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180)
>
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294)
>
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>
> at java.lang.Thread.run(Thread.java:748)
>
>
> Dan Caulfield
> Hyper Scale Engineer
>
> GM – NA Information Technology – Hyper Scale Data Solutions
>
> [email protected]
>
>
>
>
>
> Nothing in this message is intended to constitute an electronic signature
> unless a specific statement to the contrary is included in this message.
>
> Confidentiality Note: This message is intended only for the person or entity
> to which it is addressed. It may contain confidential and/or privileged
> material. Any review, transmission, dissemination or other use, or taking of
> any action in reliance upon this message by persons or entities other than
> the intended recipient is prohibited and may be unlawful. If you received
> this message in error, please contact the sender and delete it from your
> computer.
