[SOLR-12279] Validate Boolean "bin/solr auth" Inputs - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Trivial
Resolution: Fixed
Affects Version/s: 8.0
Fix Version/s: 7.4, 8.0
Component/s: scripts and tools
Labels:
None

Description

The "auth" command in the bin/solr scripts has a handful of different parameters which take in boolean arguments. However, bin/solr blithely accepts invalid values without warning administrators in any way of the mistake.

In most cases, the results are innocuous. But in some cases, silently handling invalid input causes real issues. Consider:

$ bin/solr auth enable -type basicAuth -credentials anyUser:anyPass -blockUnknown ture
Successfully enabled basic auth with username [anyUser] and password [anyPass].
$ bin/solr auth enable -type basicAuth -credentials anyUser:anyPass -blockUnknown ture
Security is already enabled. You can disable it with 'bin/solr auth disable'. Existing security.json:
{
  "authentication":{
   "blockUnknown": false,
   "class":"solr.BasicAuthPlugin",
   "credentials":{"mount":"3FLVxpOGLt4dlqlyqxgsiFDbGX+i+dc81L6qEhuBdcI= lrH1W1pFGyGoAdTJ/Isuclh042fvz66ggG7YZ4e7YwA="}
  },
  ...
}

If an administrator accidentally mistypes or fatfingers "true" when enabling authentication, their Solr instance will remain unprotected without any warning!

The bin/solr auth tool should refuse to process invalid boolean arguments, or at the least spit out a warning in such cases.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SOLR-12279.patch
27/Apr/18 16:28
5 kB
Jason Gerlowski
repro.sh
26/Apr/18 16:33
0.4 kB
Jason Gerlowski

Activity

People

Assignee:: Jason Gerlowski

Reporter:: Jason Gerlowski

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 26/Apr/18 16:33

Updated:: 08/Jun/19 15:10

Resolved:: 01/Jun/18 10:48