Hi Jan, Alan, I am having same issue, unable to make the delete/update/query tests fails for basic authentication. Interestingly after setting up cluster, collection and upload of security.json within the test and putting a breakpoint, if i open the URL "http://127.0.0.1:<port>/solr/admin/authentication thru browser / rest client it asks for credential but somehow the HttpClient returns 200 even though with incorrect credential.
I thought HttpClient may be caching but it doesn't look like. Here is the updated pull request https://github.com/apache/lucene-solr/pull/69/files Also the same code works if I point to my dev solr cluster/instance but within test it doesn't. HttpSolrClient.java --- final HttpResponse response = httpClient.execute(method, httpClientRequestContext); int httpStatus = response.getStatusLine().getStatusCode(); On Thu, Oct 20, 2016 at 11:09 AM, Susheel Kumar (JIRA) <[email protected]> wrote: > > [ https://issues.apache.org/jira/browse/SOLR-9399?page= > com.atlassian.jira.plugin.system.issuetabpanels:comment- > tabpanel&focusedCommentId=15592078#comment-15592078 ] > > Susheel Kumar commented on SOLR-9399: > ------------------------------------- > > I recall something similar experience but let me again look after test has > been refactored to make it fail first. > > > > > > Delete requests do not send credentials & fails for Basic Authentication > > ------------------------------------------------------------------------ > > > > Key: SOLR-9399 > > URL: https://issues.apache.org/jira/browse/SOLR-9399 > > Project: Solr > > Issue Type: Bug > > Security Level: Public(Default Security Level. Issues are Public) > > Components: SolrJ > > Affects Versions: 6.0, 6.0.1, 6.x > > Reporter: Susheel Kumar > > Labels: security > > > > The getRoutes(..) func of UpdateRequest do not pass credentials to > LBHttpSolrClient when deleteById is set while for updates it passes the > credentials. See below code snippet > > if (deleteById != null) { > > > > Iterator<Map.Entry<String,Map<String,Object>>> entries = > deleteById.entrySet() > > .iterator(); > > while (entries.hasNext()) { > > > > Map.Entry<String,Map<String,Object>> entry = entries.next(); > > > > String deleteId = entry.getKey(); > > Map<String,Object> map = entry.getValue(); > > Long version = null; > > if (map != null) { > > version = (Long) map.get(VER); > > } > > Slice slice = router.getTargetSlice(deleteId, null, null, null, > col); > > if (slice == null) { > > return null; > > } > > List<String> urls = urlMap.get(slice.getName()); > > if (urls == null) { > > return null; > > } > > String leaderUrl = urls.get(0); > > LBHttpSolrClient.Req request = routes.get(leaderUrl); > > if (request != null) { > > UpdateRequest urequest = (UpdateRequest) request.getRequest(); > > urequest.deleteById(deleteId, version); > > } else { > > UpdateRequest urequest = new UpdateRequest(); > > urequest.setParams(params); > > urequest.deleteById(deleteId, version); > > urequest.setCommitWithin(getCommitWithin()); > > request = new LBHttpSolrClient.Req(urequest, urls); > > routes.put(leaderUrl, request); > > } > > } > > } > > > > -- > This message was sent by Atlassian JIRA > (v6.3.4#6332) > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
