Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
7.7, 8.0
-
None
Description
SOLR-7896 made some changes to the admin ui login. After the changes I can no longer log in at all.
I'm running standalone solr 7.7 (same with 8.0) with the following security.json:
{
"authentication": {
"class": "solr.BasicAuthPlugin",
"blockUnknown": true,
"credentials": {
"solr": "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="
},
},
"authorization": {
"class": "solr.RuleBasedAuthorizationPlugin",
"permissions": [
{
"name": "all",
"role": "admin"
}
],
"user-role": {
"solr": "admin"
}
}
}
Opening the UI at http://localhost:8080/solr/ shows an error page with 401. The login page is not displayed because of the "all" permission being required. The browser's basic auth popup is not shown because the WWW-Authenticate header is not present. Changing the RuleBasedAuthorizationPlugin required permission from "all" to "security-edit" makes the login page appear.
The bug can be reproduced as follows:
- unpack solr-8.0.0.zip
- copy the security.json example from https://lucene.apache.org/solr/guide/7_7/basic-authentication-plugin.html into server/solr/ and replace "name":"security-edit" with "name":"all"
- start with bin/solr -f -p 8080
- open http://localhost:8080/
The bug was discussed on solr-user list http://mail-archives.apache.org/mod_mbox/lucene-solr-user/201903.mbox/%3C7629BDDD-3D22-4203-9188-0E0A8DCF2FEE%40cominvent.com%3E
Attachments
Issue Links
- is related to
-
SOLR-13364 Make Admin UI aware of logged-in users permissions
-
- Resolved
-
- relates to
-
-
- Closed
-
- links to
