Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Cannot Reproduce
-
None
-
None
-
None
-
None
Description
as noted on solr-user by Kristine Jetzke, and trivially to reproduce...
# interactively launch solr cloud $ bin/solr -e cloud # ... for simplicity of test, pick a single node, 1 shard, 1 replica # now upload security.json from wiki page... # https://cwiki.apache.org/confluence/display/solr/Basic+Authentication+Plugin $ server/scripts/cloud-scripts/zkcli.sh -zkhost localhost:9983 -cmd put /security.json '{ "authentication":{ "class":"solr.BasicAuthPlugin", "credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="} }, "authorization":{ "class":"solr.RuleBasedAuthorizationPlugin", "permissions":[{"name":"security-edit", "role":"admin"}], "user-role":{"solr":"admin"} }}' # now stop & restart the single node we are using... $ bin/solr stop -all $ bin/solr restart -c -p 8983 -s example/cloud/node1/solr # valid credentials are accepted... $ curl -u 'solr:SolrRocks' 'http://localhost:8983/solr/gettingstarted/select?q=*%3A*&wt=json&indent=true' { "responseHeader":{ "status":0, "QTime":0, "params":{ "q":"*:*", "indent":"true", "wt":"json"}}, "response":{"numFound":0,"start":0,"docs":[] }} # invalid credentials are denied... $ curl -u 'solr:SolrBogus' 'http://localhost:8983/solr/gettingstarted/select?q=*%3A*&wt=json&indent=true' <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Error 401 Bad credentials</title> </head> <body><h2>HTTP ERROR 401</h2> <p>Problem accessing /solr/gettingstarted/select. Reason: <pre> Bad credentials</pre></p><hr><i><small>Powered by Jetty://</small></i><hr/> </body> </html> # requests w/o credentials are accepted even though they should be denied... $ curl 'http://localhost:8983/solr/gettingstarted/select?q=*%3A*&wt=json&indent=true'{ "responseHeader":{ "status":0, "QTime":0, "params":{ "q":"*:*", "indent":"true", "wt":"json"}}, "response":{"numFound":0,"start":0,"docs":[] }}