[
https://issues.apache.org/jira/browse/SOLR-16110?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17527185#comment-17527185
]
Eric Pugh edited comment on SOLR-16110 at 4/24/22 2:12 PM:
-----------------------------------------------------------
I did these steps before your patch, and things worked, which I didn't expect.
Notice, I DID have to turn on the security. WOuld you mind retesting? Your
intuition of what the problem is makes sense to me, I just can't duplicate the
error!
Test on Solr 8.11 branch
curl
"http://localhost:8983/solr/admin/configs?action=CREATE&name=test&baseName=_default";
--> security alert
bin/solr auth enable -type basicAuth -prompt true -z localhost:9983
-blockUnknown true
--> admin/password
curl -u admin:password
"http://localhost:8983/solr/admin/configs?action=CREATE&name=test&baseName=_default";
--> Works
curl -u admin:password
"http://localhost:8983/solr/admin/collections?action=CREATE&name=test&collection.configName=test&numShards=1";
--> WOrks
curl -u admin:password -X POST -H 'Content-Type: application/json' -i
http://localhost:8983/solr/test/schema --data '{
"add-field":{
"name":"my-field",
"type":"string",
"stored":true }
}'
echo '{"hello":"world"}' > test.json
--> WOrks
curl -u admin:password -X POST --header "Content-Type:application/json"
--data-binary @test.json
"http://localhost:8983/solr/admin/configs?action=UPLOAD&name=test&filePath=test.json";
was (Author: epugh):
I did these steps before your patch, and things worked, which I didn't expect.
Notice, I DID have to turn on the security....
Test on Solr 8.11 branch
curl
"http://localhost:8983/solr/admin/configs?action=CREATE&name=test&baseName=_default";
--> security alert
bin/solr auth enable -type basicAuth -prompt true -z localhost:9983
-blockUnknown true
--> admin/password
curl -u admin:password
"http://localhost:8983/solr/admin/configs?action=CREATE&name=test&baseName=_default";
--> Works
curl -u admin:password
"http://localhost:8983/solr/admin/collections?action=CREATE&name=test&collection.configName=test&numShards=1";
--> WOrks
curl -u admin:password -X POST -H 'Content-Type: application/json' -i
http://localhost:8983/solr/test/schema --data '{
"add-field":{
"name":"my-field",
"type":"string",
"stored":true }
}'
echo '{"hello":"world"}' > test.json
--> WOrks
curl -u admin:password -X POST --header "Content-Type:application/json"
--data-binary @test.json
"http://localhost:8983/solr/admin/configs?action=UPLOAD&name=test&filePath=test.json";
> Using Schema/Config API breaks the File-Upload of Config Set File
> -----------------------------------------------------------------
>
> Key: SOLR-16110
> URL: https://issues.apache.org/jira/browse/SOLR-16110
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: SolrCloud
> Affects Versions: 8.11.1
> Reporter: Steffen Moldenhauer
> Assignee: Eric Pugh
> Priority: Major
> Attachments: SOLR-16110-1.patch, SOLR-16110.patch
>
> Time Spent: 50m
> Remaining Estimate: 0h
>
> After using the Schema/Config API to change the config/schema in a config
> set, the UPLOAD of a file to this config set does not work anymore.
> The Schema/Config API changes the metadata that is stored at the config set
> node.
> There is a '\{trusted=false}' / '\{trusted=true} or an empty "no utf8
> Content" but after the Schema/Config API call it is replaced by a single 0
> byte. As a result the following upload of a file with Configset API throws a
> json parse error.
> *Steps to reproduce*
> Run solr cloud example: solr -e cloud -p 8984 Create Config set from
> _default:
> [http://localhost:8984/solr/admin/configs?action=CREATE&name=test&baseName=_default]
> Create Collection with Config set 'test':
> [http://localhost:8984/solr/admin/collections?action=CREATE&name=test&collection.configName=test&numShards=1]
>
> add field with Schema API call:
>
> {code:java}
> curl -X POST -H 'Content-Type: application/json' -i
> http://localhost:8984/solr/test/schema --data '{
> "add-field":{
> "name":"my-field",
> "type":"string",
> "stored":true }
> }'
> {code}
>
>
> Create a file test.json and try to upload it:
> {code:java}
> curl -X POST --header "Content-Type:application/json" --data-binary
> @test.json
> "http://localhost:8983/solr/admin/configs?action=UPLOAD&name=test&filePath=test.json&wt=xml&omitHeader=true"{code}
>
> Response:
> {code:java}
> <?xml version="1.0" encoding="UTF-8"?>
> <response><lst name="error">
> <str name="msg">JSON Parse Error: char=#0;,position=0 AFTER='#0;'
> BEFORE=''</str>
> <str name="trace">org.noggit.JSONParser$ParseException: JSON Parse Error:
> char=#0;,position=0 AFTER='#0;' BEFORE=''
> at org.noggit.JSONParser.err(JSONParser.java:452)
> at
> org.noggit.JSONParser.handleNonDoubleQuoteString(JSONParser.java:819)
> at org.noggit.JSONParser.next(JSONParser.java:1026)
> at org.noggit.JSONParser.nextEvent(JSONParser.java:1073)
> at org.noggit.ObjectBuilder.<init>(ObjectBuilder.java:84)
> at org.apache.solr.common.util.Utils.lambda$static$1(Utils.java:356)
> at org.apache.solr.common.util.Utils.fromJSON(Utils.java:319)
> at org.apache.solr.common.util.Utils.fromJSON(Utils.java:305)
> at
> org.apache.solr.handler.admin.ConfigSetsHandler.isCurrentlyTrusted(ConfigSetsHandler.java:328)
> at
> org.apache.solr.handler.admin.ConfigSetsHandler.ensureOverwritingUntrustedConfigSet(ConfigSetsHandler.java:308)
> at
> org.apache.solr.handler.admin.ConfigSetsHandler.createBaseZnode(ConfigSetsHandler.java:269)
> at
> org.apache.solr.handler.admin.ConfigSetsHandler.handleConfigUploadRequest(ConfigSetsHandler.java:205)
> at
> org.apache.solr.handler.admin.ConfigSetsHandler.handleRequestBody(ConfigSetsHandler.java:113)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:216)
> at
> org.apache.solr.servlet.HttpSolrCall.handleAdmin(HttpSolrCall.java:836)
> at
> org.apache.solr.servlet.HttpSolrCall.handleAdminRequest(HttpSolrCall.java:800)
> at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:545)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:427)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:357)
> at
> org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:201)
> at
> org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:600)
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
> at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:191)
> at
> org.eclipse.jetty.server.handler.InetAccessHandler.handle(InetAccessHandler.java:177)
> at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
> at
> org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:322)
> at
> org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:763)
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
> at org.eclipse.jetty.server.Server.handle(Server.java:516)
> at
> org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:400)
> at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:645)
> at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:392)
> at
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
> at
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
> at
> org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
> at
> org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
> at
> org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
> at
> org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
> at
> org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
> at
> org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
> at java.lang.Thread.run(Thread.java:748)
> </str>
> <int name="code">500</int>
> </lst>
> </response>{code}
>
> *Expected Behavior*
> The info at the zookeeper config set node 'trusted=true/false' or 'no content
> ' is kept as it is.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
