Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-14569

Configuring a shardHandlerFactory on the /select requestHandler results in HTTP 401 when searching on alias in secured Solr



    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 8.5
    • 9.0, 8.11.2
    • Authentication
    • None
    • Unit test on master branch (9x) built on Windows 10 with Java 11
      Solr 8.5.0 instance running on CentOS 7.7 with Java 11


      The issue was first noticed on an instance of Solr 8.5.0, after securing Solr with security.json.

      Searching on a single collection returns the expected results, but searching on an alias returns HTTP 401.

      Note that this issue is not reproduced when the collections are created using the _default configuration.
      Update: Fast-forward to this comment for the reason why: https://issues.apache.org/jira/browse/SOLR-14569?focusedCommentId=17136195&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17136195

      The attached patch includes a unit test to query on an alias. Fixed and updated as per gerlowskija' comments
      Patch applies on master branch (9x).
      The unit test is added to the test class that was originally part of the patch to fix SOLR-13510.
      Update: Unit tests fail if sharHandlerFactory is added to the requestHandler in configset cloud-minimal

      I also attach:

      • our product-specific Solr configuration, modified to remove irrelevant plugins and fields
      • security.json with user 'admin' (pwd 'admin')
        • Note that forwardCredentials true or false does not modify the behavior

      To test with attached configuration solr_conf.zip or updated_solr_conf.zip:

      • Download and unzip Solr 8.5.0
      • Modify ./bin/solr.in.sh :
        • ZK_HOST (optional)
        • SOLR_AUTH_TYPE="basic"
        • SOLR_AUTHENTICATION_OPTS="-Dbasicauth=admin:admin"
      • Upload security.json into Zookeeper
      • Start Solr in cloud mode
        • ./bin/solr -c
      • Upload the provided configuration
      • ./bin/solr zk upconfig -z <zk_host>:<zk_port>[/<solr>] -n conf_en -d /path/to/folder/conf/
      • Create 2 collections using the uploaded configuration
        • test1, test2
      • Create an alias grouping the 2 collections
        • test = test1, test2
      • Query (/select?q=:) one collection
        • results in successful Solr response
      • Query the alias (/select?q=:)
        • results in HTTP 401

      There is no need to add documents to observe the issue.


        1. curl_requests-responses.txt
          2 kB
          Isabelle Giguere
        2. security.json
          0.4 kB
          Isabelle Giguere
        3. security.json
          0.4 kB
          Isabelle Giguere
        4. solr_conf.zip
          27 kB
          Isabelle Giguere
        5. solr.log
          817 kB
          Isabelle Giguere
        6. SOLR-14569.patch
          15 kB
          Isabelle Giguere
        7. SOLR-14569.patch
          4 kB
          Isabelle Giguere
        8. SOLR-14569.patch
          4 kB
          Isabelle Giguere
        9. SOLR-14569-mrm.patch
          19 kB
          Mark Robert Miller
        10. updated_solr_conf.zip
          27 kB
          Isabelle Giguere

        Issue Links



              markrmiller Mark Robert Miller
              igiguere Isabelle Giguere
              3 Vote for this issue
              11 Start watching this issue



                Time Tracking

                  Original Estimate - Not Specified
                  Not Specified
                  Remaining Estimate - 0h
                  Time Spent - 0.5h