(solr) branch main updated: SOLR-18102: Fix Admin UI serving issue with basic auth (#4110)

Fri, 06 Feb 2026 13:02:54 -0800 

This is an automated email from the ASF dual-hosted git repository.

gerlowskija pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git


The following commit(s) were added to refs/heads/main by this push:
     new cd4410da164 SOLR-18102: Fix Admin UI serving issue with basic auth 
(#4110)
cd4410da164 is described below

commit cd4410da164c9ac7fa5d25631c5985759870c6b6
Author: Jason Gerlowski <[email protected]>
AuthorDate: Fri Feb 6 16:01:34 2026 -0500

    SOLR-18102: Fix Admin UI serving issue with basic auth (#4110)
    
    Co-authored-by: Jan Høydahl <[email protected]>
    Co-authored-by: Claude Sonnet 4.5 <[email protected]>
---
 solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java | 2 +-
 solr/packaging/test/test_basic_auth.bats                     | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java 
b/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java
index 1229aed8d0a..a77541be552 100644
--- a/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java
+++ b/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java
@@ -602,7 +602,7 @@ public class HttpSolrCall {
   private boolean shouldAuthorize() {
     if (PublicKeyHandler.PATH.equals(path)) return false;
     // admin/info/key is the path where public key is exposed . it is always 
unsecured
-    if ("/".equals(path) || "/solr/".equals(path))
+    if (StrUtils.isNullOrEmpty(path) || "/".equals(path) || 
"/solr/".equals(path))
       return false; // Static Admin UI files must always be served
     if (cores.getPkiAuthenticationSecurityBuilder() != null && 
req.getUserPrincipal() != null) {
       boolean b = 
cores.getPkiAuthenticationSecurityBuilder().needsAuthorization(req);
diff --git a/solr/packaging/test/test_basic_auth.bats 
b/solr/packaging/test/test_basic_auth.bats
index 973aa95f351..ab4932a7f5a 100644
--- a/solr/packaging/test/test_basic_auth.bats
+++ b/solr/packaging/test/test_basic_auth.bats
@@ -91,3 +91,9 @@ run solr create -c COLL_NAME
   #assert_output --partial "Deployment successful"
   #refute_output --partial "Invalid collection"
 }
+
+@test "admin UI static content is excepted from basic auth" {
+  run curl -I -s http://localhost:${SOLR_PORT}/solr/
+  assert_output --partial "HTTP/1.1 200"
+  assert_output --partial "Content-Type: text/html"
+}

Reply via email to