RE: Setting up basic authentication in Solr 8.11.1 Standalone
Thanks Jan, worked like a charm!
Thanks,
RICK HODDER
Staff Software Engineer
Global Specialty
The Hartford
83 Wooster Heights Rd. | 2nd floor
Danbury, CT, 06810
W: 475-329-6251
Email: richard.hod...@thehartford.com
www.thehartford.com
www.facebook.com/thehartford
twitter.com/thehartford
-Original Message-
From: Jan Høydahl
Sent: Wednesday, February 28, 2024 5:22 PM
To: users@solr.apache.org
Subject: Re: Setting up basic authentication in Solr 8.11.1 Standalone
CAUTION: This email originated from outside the organization. Do not click
links or open attachments unless you recognize the sender and know the content
is safe.
You need a few more permissions in order for that Admin screen to work. Try
instead the default security.json generated by bin/solr auth enable (cloud
mode):
{
"authentication":{
"blockUnknown": true,
"class":"solr.BasicAuthPlugin",
"credentials":{"solr":"cHFNAKbTL930UaGklonJT02g/NVUSbUc0cn2ssvV5sA=
xG5Fa6oifv6deIHWnRSus4hxfq5mOxTwdwy9GZDeHgc="}
},
"authorization":{
"class":"solr.RuleBasedAuthorizationPlugin",
"permissions":[
{"name":"security-edit", "role":"admin"},
{"name":"security-read", "role":"admin"},
{"name":"config-edit", "role":"admin"},
{"name":"config-read", "role":"admin"},
{"name":"collection-admin-edit", "role":"admin"},
{"name":"collection-admin-read", "role":"admin"},
{"name":"core-admin-edit", "role":"admin"},
{"name":"core-admin-read", "role":"admin"},
{"name":"all", "role":"admin"}
],
"user-role":{"solr":"admin"}
}
}
Jan
> 28. feb. 2024 kl. 21:57 skrev Hodder, Rick (Chief Information Office - IT)
> :
>
> Hi,
>
> I have an existing 8.11.1 standalone installation on a windows server, and I
> have been asked to make it run under basic authentication.
>
> I have created security.json file in the solr home folder used the
> contents of the sample on Configuring Authentication, Authorization
> and Audit Logging | Apache Solr Reference Guide 8.11
> <https://urldefense.com/v3/__https://solr.apache.org/guide/8_11/authen
> tication-and-authorization-plugins.html*enable-plugins-with-security-j
> son__;Iw!!PZ0xAML5PpHLxYfxmvfEjrhN5g!UKWTgUEO68E3z34048t6bOqHqOBx3NQrV
> ym70IktnNnoWqIeHb7EstVu_WZmylflVPxrJ4SkxKlOSevRGPa7wv7aTw$ >
>
> {
> "authentication":{
>"class":"solr.BasicAuthPlugin",
>"credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
> },
> "authorization":{
>"class":"solr.RuleBasedAuthorizationPlugin",
>"permissions":[{"name":"security-edit",
> "role":"admin"}],
>"user-role":{"solr":"admin"}
> }
> }
>
> Which is supposed to create a user solr with the password “SolrRocks” with
> admin privileges.
>
> I restart SOLR and then click on Security and I am taken to a page
> that says
>
> Current user is not authenticated! Security panel is disabled.
> You do not have permission to view the security panel.
>
> I don’t get a log in window or anything.
>
> Can someone tell me what I need to do next?
>
> Thanks,
>
> RICK HODDER
> Staff Software Engineer
> Global Specialty
> <https://www.thehartford.com/>
> The Hartford
> 83 Wooster Heights Rd. | 2nd floor
> Danbury, CT, 06810
> W: 475-329-6251
>
> Email: richard.hod...@thehartford.com
> <mailto:richard.hod...@thehartford.com>
> http://www.thehartford.com <https://www.thehartford.com/>
> https://urldefense.com/v3/__http://www.facebook.com/thehartford__;!!PZ0xAML5PpHLxYfxmvfEjrhN5g!UKWTgUEO68E3z34048t6bOqHqOBx3NQrVym70IktnNnoWqIeHb7EstVu_WZmylflVPxrJ4SkxKlOSevRGPascqhPYQ$
>
> <https://urldefense.com/v3/__https://www.facebook.com/thehartford__;!!PZ0xAML5PpHLxYfxmvfEjrhN5g!UKWTgUEO68E3z34048t6bOqHqOBx3NQrVym70IktnNnoWqIeHb7EstVu_WZmylflVPxrJ4SkxKlOSevRGPZRiRFEqA$
> >
> https://urldefense.com/v3/__http://twitter.com/thehartf
Re: Setting up basic authentication in Solr 8.11.1 Standalone
You need a few more permissions in order for that Admin screen to work. Try
instead the default security.json generated by bin/solr auth enable (cloud
mode):
{
"authentication":{
"blockUnknown": true,
"class":"solr.BasicAuthPlugin",
"credentials":{"solr":"cHFNAKbTL930UaGklonJT02g/NVUSbUc0cn2ssvV5sA=
xG5Fa6oifv6deIHWnRSus4hxfq5mOxTwdwy9GZDeHgc="}
},
"authorization":{
"class":"solr.RuleBasedAuthorizationPlugin",
"permissions":[
{"name":"security-edit", "role":"admin"},
{"name":"security-read", "role":"admin"},
{"name":"config-edit", "role":"admin"},
{"name":"config-read", "role":"admin"},
{"name":"collection-admin-edit", "role":"admin"},
{"name":"collection-admin-read", "role":"admin"},
{"name":"core-admin-edit", "role":"admin"},
{"name":"core-admin-read", "role":"admin"},
{"name":"all", "role":"admin"}
],
"user-role":{"solr":"admin"}
}
}
Jan
> 28. feb. 2024 kl. 21:57 skrev Hodder, Rick (Chief Information Office - IT)
> :
>
> Hi,
>
> I have an existing 8.11.1 standalone installation on a windows server, and I
> have been asked to make it run under basic authentication.
>
> I have created security.json file in the solr home folder used the contents
> of the sample on Configuring Authentication, Authorization and Audit Logging
> | Apache Solr Reference Guide 8.11
>
>
> {
> "authentication":{
>"class":"solr.BasicAuthPlugin",
>"credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
> },
> "authorization":{
>"class":"solr.RuleBasedAuthorizationPlugin",
>"permissions":[{"name":"security-edit",
> "role":"admin"}],
>"user-role":{"solr":"admin"}
> }
> }
>
> Which is supposed to create a user solr with the password “SolrRocks” with
> admin privileges.
>
> I restart SOLR and then click on Security and I am taken to a page that says
>
> Current user is not authenticated! Security panel is disabled.
> You do not have permission to view the security panel.
>
> I don’t get a log in window or anything.
>
> Can someone tell me what I need to do next?
>
> Thanks,
>
> RICK HODDER
> Staff Software Engineer
> Global Specialty
>
> www.thehartford.com
> twitter.com/thehartford
>
>
>
> **
> This communication, including attachments, is for the exclusive use of
> addressee and may contain proprietary, confidential and/or privileged
> information. If you are not the intended recipient, any use, copying,
> disclosure, dissemination or distribution is strictly prohibited. If you are
> not the intended recipient, please notify the sender immediately by return
> e-mail, delete this communication and destroy all copies.
>
> **
