Re: Unbuffered Exception while setting permissions
Hi Lance, Thankyou so much. It worked with pre-emptive authentication On Thu, Jul 1, 2010 at 2:15 AM, Lance Norskog goks...@gmail.com wrote: Other problems with this error have been solved by doing pre-emptive authentication. On Wed, Jun 30, 2010 at 4:26 AM, Rakhi Khatwani rkhatw...@gmail.com wrote: This error usually occurs when i do a server.add(inpDoc). Behind the logs: 192.168.0.106 - - [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/update?qt=%2Fupdateoptimize=truewt=javabinversion=1 HTTP/1.1 200 41 192.168.0.106 - - [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/select?q=aid%3A30234wt=javabinversion=1 HTTP/1.1 401 1389 192.168.0.106 - admin [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/select?q=aid%3A30234wt=javabinversion=1 HTTP/1.1 200 70 192.168.0.106 - - [30/Jun/2010:11:30:38 +] POST /solr/GPTWPI/update?wt=javabinversion=1 HTTP/1.1 200 41 (Works when i comment out the auth-constraint for RW) AND 192.168.0.106 - - [30/Jun/2010:11:29:09 +] POST /solr/GPTWPI/update?wt=javabinversion=1 HTTP/1.1 401 1389 (Does not work when i add the auth-constraint for RW) 192.168.0.106 - - [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/update?qt=%2Fupdatecommit=truewt=javabinversion=1 HTTP/1.1 200 41 so what i conclude is that the authentication does not work when we do a POST method and works for GET methods. correct me if i am wrong. and how do i get it working? Regards, Raakhi On Wed, Jun 30, 2010 at 2:22 PM, Rakhi Khatwani rkhatw...@gmail.com wrote: I was going through the logs, Everytime i try doing an update (and ofcourse ending up with unbuffered exception) the log outputs the following line [30/Jun/2010:09:02:52 +] POST /solr/core1/update?wt=javabinversion=1 HTTP/1.1 401 1389 Regards Raakhi On Wed, Jun 30, 2010 at 12:27 PM, Rakhi Khatwani rkhatw...@gmail.com wrote: PS: I am using solr 1.4 Regards, Raakhi On Wed, Jun 30, 2010 at 12:05 PM, Rakhi Khatwani rkhatw...@gmail.com wrote: Hi, I am trying out solr security on my setup from the following links: http://wiki.apache.org/solr/SolrSecurity http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores Following is my configuration: realms.properties: admin: admin,server-administrator,content-administrator,admin other: OBF:1xmk1w261u9r1w1c1xmq guest: guest,read-only rakhi: rakhi,RW-role jetty.xml: ... Set name=UserRealms Array type=org.mortbay.jetty.security.UserRealm Item New class=org.mortbay.jetty.security.HashUserRealm Set name=nameTest Realm/Set Set name=configSystemProperty name=jetty.home default=.//etc/realm.properties/Set /New /Item /Array /Set ... WebDefault.xml: !-- block by default. -- security-constraint web-resource-collection web-resource-nameDefault/web-resource-name url-pattern//url-pattern /web-resource-collection auth-constraint/ !-- BLOCK! -- /security-constraint !-- Setting admin access. -- security-constraint web-resource-collection web-resource-nameSolr authenticated application/web-resource-name url-pattern/admin/*/url-pattern url-pattern/core1/admin/*/url-pattern /web-resource-collection auth-constraint role-nameadmin/role-name role-nameFullAccess-role/role-name /auth-constraint /security-constraint !-- this constraint has no auth constraint or data constraint = allows without auth. -- security-constraint web-resource-collection web-resource-nameAllowedQueries/web-resource-name url-pattern/core1/select/*/url-pattern /web-resource-collection /security-constraint login-config auth-methodBASIC/auth-method realm-nameTest Realm/realm-name /login-config security-role role-nameAdmin-role/role-name /security-role security-role role-nameFullAccess-role/role-name /security-role security-role role-nameRW-role/role-name /security-role So Far Everything works good. I get a forbidden exception as soon as i try to commit documents in solr. but when i add the following security constraint tag in webdefault.xml, !-- this constraint allows access to modify the data in the SOLR service, with basic auth -- security-constraint web-resource-collection web-resource-nameRW/web-resource-name !-- the dataimport handler for each individual core -- url-pattern/core1/dataimport/url-pattern !-- the update handler (XML over HTTP) for each individual core -- url-pattern/core1/update/*/url-pattern /web-resource-collection auth-constraint !-- Roles of users are defined int the properties file -- !-- we allow users with rw-only access -- role-nameRW-role/role-name !-- we allow users with full access -- role-nameFullAccess-role/role-name /auth-constraint /security-constraint I get the following
Unbuffered Exception while setting permissions
Hi, I am trying out solr security on my setup from the following links: http://wiki.apache.org/solr/SolrSecurity http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores Following is my configuration: realms.properties: admin: admin,server-administrator,content-administrator,admin other: OBF:1xmk1w261u9r1w1c1xmq guest: guest,read-only rakhi: rakhi,RW-role jetty.xml: ... Set name=UserRealms Array type=org.mortbay.jetty.security.UserRealm Item New class=org.mortbay.jetty.security.HashUserRealm Set name=nameTest Realm/Set Set name=configSystemProperty name=jetty.home default=.//etc/realm.properties/Set /New /Item /Array /Set ... WebDefault.xml: !-- block by default. -- security-constraint web-resource-collection web-resource-nameDefault/web-resource-name url-pattern//url-pattern /web-resource-collection auth-constraint/ !-- BLOCK! -- /security-constraint !-- Setting admin access. -- security-constraint web-resource-collection web-resource-nameSolr authenticated application/web-resource-name url-pattern/admin/*/url-pattern url-pattern/core1/admin/*/url-pattern /web-resource-collection auth-constraint role-nameadmin/role-name role-nameFullAccess-role/role-name /auth-constraint /security-constraint !-- this constraint has no auth constraint or data constraint = allows without auth. -- security-constraint web-resource-collection web-resource-nameAllowedQueries/web-resource-name url-pattern/core1/select/*/url-pattern /web-resource-collection /security-constraint login-config auth-methodBASIC/auth-method realm-nameTest Realm/realm-name /login-config security-role role-nameAdmin-role/role-name /security-role security-role role-nameFullAccess-role/role-name /security-role security-role role-nameRW-role/role-name /security-role So Far Everything works good. I get a forbidden exception as soon as i try to commit documents in solr. but when i add the following security constraint tag in webdefault.xml, !-- this constraint allows access to modify the data in the SOLR service, with basic auth -- security-constraint web-resource-collection web-resource-nameRW/web-resource-name !-- the dataimport handler for each individual core -- url-pattern/core1/dataimport/url-pattern !-- the update handler (XML over HTTP) for each individual core -- url-pattern/core1/update/*/url-pattern /web-resource-collection auth-constraint !-- Roles of users are defined int the properties file -- !-- we allow users with rw-only access -- role-nameRW-role/role-name !-- we allow users with full access -- role-nameFullAccess-role/role-name /auth-constraint /security-constraint I get the following exception: org.apache.solr.client.solrj.SolrServerException: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469) at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:243) at org.apache.solr.client.solrj.request.AbstractUpdateRequest.process(AbstractUpdateRequest.java:105) at org.apache.solr.client.solrj.SolrServer.add(SolrServer.java:64) at Authentication.AuthenticationTest.main(AuthenticationTest.java:35) Caused by: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:487) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:416) ... 4 more My Java code is as follows: public class AuthenticationTest { public static void main(String[] args) { try { HttpClient client = new HttpClient(); AuthScope scope = new AuthScope(AuthScope.ANY_HOST,AuthScope.ANY_PORT); client.getState().setCredentials(scope, new UsernamePasswordCredentials(rakhi,rakhi)); SolrServer server = new CommonsHttpSolrServer( http://localhost:8983/solr/core1/,client); SolrQuery query = new SolrQuery(); query.setQuery(*:*); QueryResponse response = server.query(query); System.out.println(response.getStatus()); SolrInputDocument doc = new SolrInputDocument(); doc.setField(aid, 0); doc.setField(rct, Sample Data for authentication); server.add(doc); server.commit(); } catch (MalformedURLException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (SolrServerException e) { //
Re: Unbuffered Exception while setting permissions
PS: I am using solr 1.4 Regards, Raakhi On Wed, Jun 30, 2010 at 12:05 PM, Rakhi Khatwani rkhatw...@gmail.comwrote: Hi, I am trying out solr security on my setup from the following links: http://wiki.apache.org/solr/SolrSecurity http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores Following is my configuration: realms.properties: admin: admin,server-administrator,content-administrator,admin other: OBF:1xmk1w261u9r1w1c1xmq guest: guest,read-only rakhi: rakhi,RW-role jetty.xml: ... Set name=UserRealms Array type=org.mortbay.jetty.security.UserRealm Item New class=org.mortbay.jetty.security.HashUserRealm Set name=nameTest Realm/Set Set name=configSystemProperty name=jetty.home default=.//etc/realm.properties/Set /New /Item /Array /Set ... WebDefault.xml: !-- block by default. -- security-constraint web-resource-collection web-resource-nameDefault/web-resource-name url-pattern//url-pattern /web-resource-collection auth-constraint/ !-- BLOCK! -- /security-constraint !-- Setting admin access. -- security-constraint web-resource-collection web-resource-nameSolr authenticated application/web-resource-name url-pattern/admin/*/url-pattern url-pattern/core1/admin/*/url-pattern /web-resource-collection auth-constraint role-nameadmin/role-name role-nameFullAccess-role/role-name /auth-constraint /security-constraint !-- this constraint has no auth constraint or data constraint = allows without auth. -- security-constraint web-resource-collection web-resource-nameAllowedQueries/web-resource-name url-pattern/core1/select/*/url-pattern /web-resource-collection /security-constraint login-config auth-methodBASIC/auth-method realm-nameTest Realm/realm-name /login-config security-role role-nameAdmin-role/role-name /security-role security-role role-nameFullAccess-role/role-name /security-role security-role role-nameRW-role/role-name /security-role So Far Everything works good. I get a forbidden exception as soon as i try to commit documents in solr. but when i add the following security constraint tag in webdefault.xml, !-- this constraint allows access to modify the data in the SOLR service, with basic auth -- security-constraint web-resource-collection web-resource-nameRW/web-resource-name !-- the dataimport handler for each individual core -- url-pattern/core1/dataimport/url-pattern !-- the update handler (XML over HTTP) for each individual core -- url-pattern/core1/update/*/url-pattern /web-resource-collection auth-constraint !-- Roles of users are defined int the properties file -- !-- we allow users with rw-only access -- role-nameRW-role/role-name !-- we allow users with full access -- role-nameFullAccess-role/role-name /auth-constraint /security-constraint I get the following exception: org.apache.solr.client.solrj.SolrServerException: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469) at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:243) at org.apache.solr.client.solrj.request.AbstractUpdateRequest.process(AbstractUpdateRequest.java:105) at org.apache.solr.client.solrj.SolrServer.add(SolrServer.java:64) at Authentication.AuthenticationTest.main(AuthenticationTest.java:35) Caused by: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:487) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:416) ... 4 more My Java code is as follows: public class AuthenticationTest { public static void main(String[] args) { try { HttpClient client = new HttpClient(); AuthScope scope = new AuthScope(AuthScope.ANY_HOST,AuthScope.ANY_PORT); client.getState().setCredentials(scope, new UsernamePasswordCredentials(rakhi,rakhi)); SolrServer server = new CommonsHttpSolrServer( http://localhost:8983/solr/core1/,client); SolrQuery query = new SolrQuery(); query.setQuery(*:*); QueryResponse response = server.query(query); System.out.println(response.getStatus()); SolrInputDocument doc = new
Re: Unbuffered Exception while setting permissions
I was going through the logs, Everytime i try doing an update (and ofcourse ending up with unbuffered exception) the log outputs the following line [30/Jun/2010:09:02:52 +] POST /solr/core1/update?wt=javabinversion=1 HTTP/1.1 401 1389 Regards Raakhi On Wed, Jun 30, 2010 at 12:27 PM, Rakhi Khatwani rkhatw...@gmail.comwrote: PS: I am using solr 1.4 Regards, Raakhi On Wed, Jun 30, 2010 at 12:05 PM, Rakhi Khatwani rkhatw...@gmail.comwrote: Hi, I am trying out solr security on my setup from the following links: http://wiki.apache.org/solr/SolrSecurity http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores Following is my configuration: realms.properties: admin: admin,server-administrator,content-administrator,admin other: OBF:1xmk1w261u9r1w1c1xmq guest: guest,read-only rakhi: rakhi,RW-role jetty.xml: ... Set name=UserRealms Array type=org.mortbay.jetty.security.UserRealm Item New class=org.mortbay.jetty.security.HashUserRealm Set name=nameTest Realm/Set Set name=configSystemProperty name=jetty.home default=.//etc/realm.properties/Set /New /Item /Array /Set ... WebDefault.xml: !-- block by default. -- security-constraint web-resource-collection web-resource-nameDefault/web-resource-name url-pattern//url-pattern /web-resource-collection auth-constraint/ !-- BLOCK! -- /security-constraint !-- Setting admin access. -- security-constraint web-resource-collection web-resource-nameSolr authenticated application/web-resource-name url-pattern/admin/*/url-pattern url-pattern/core1/admin/*/url-pattern /web-resource-collection auth-constraint role-nameadmin/role-name role-nameFullAccess-role/role-name /auth-constraint /security-constraint !-- this constraint has no auth constraint or data constraint = allows without auth. -- security-constraint web-resource-collection web-resource-nameAllowedQueries/web-resource-name url-pattern/core1/select/*/url-pattern /web-resource-collection /security-constraint login-config auth-methodBASIC/auth-method realm-nameTest Realm/realm-name /login-config security-role role-nameAdmin-role/role-name /security-role security-role role-nameFullAccess-role/role-name /security-role security-role role-nameRW-role/role-name /security-role So Far Everything works good. I get a forbidden exception as soon as i try to commit documents in solr. but when i add the following security constraint tag in webdefault.xml, !-- this constraint allows access to modify the data in the SOLR service, with basic auth -- security-constraint web-resource-collection web-resource-nameRW/web-resource-name !-- the dataimport handler for each individual core -- url-pattern/core1/dataimport/url-pattern !-- the update handler (XML over HTTP) for each individual core -- url-pattern/core1/update/*/url-pattern /web-resource-collection auth-constraint !-- Roles of users are defined int the properties file -- !-- we allow users with rw-only access -- role-nameRW-role/role-name !-- we allow users with full access -- role-nameFullAccess-role/role-name /auth-constraint /security-constraint I get the following exception: org.apache.solr.client.solrj.SolrServerException: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469) at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:243) at org.apache.solr.client.solrj.request.AbstractUpdateRequest.process(AbstractUpdateRequest.java:105) at org.apache.solr.client.solrj.SolrServer.add(SolrServer.java:64) at Authentication.AuthenticationTest.main(AuthenticationTest.java:35) Caused by: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:487) at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:416) ... 4 more My Java code is as follows: public class AuthenticationTest { public static void main(String[] args) { try { HttpClient client = new HttpClient(); AuthScope scope = new AuthScope(AuthScope.ANY_HOST,AuthScope.ANY_PORT);
Re: Unbuffered Exception while setting permissions
This error usually occurs when i do a server.add(inpDoc). Behind the logs: 192.168.0.106 - - [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/update?qt=%2Fupdateoptimize=truewt=javabinversion=1 HTTP/1.1 200 41 192.168.0.106 - - [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/select?q=aid%3A30234wt=javabinversion=1 HTTP/1.1 401 1389 192.168.0.106 - admin [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/select?q=aid%3A30234wt=javabinversion=1 HTTP/1.1 200 70 192.168.0.106 - - [30/Jun/2010:11:30:38 +] POST /solr/GPTWPI/update?wt=javabinversion=1 HTTP/1.1 200 41 (Works when i comment out the auth-constraint for RW) AND 192.168.0.106 - - [30/Jun/2010:11:29:09 +] POST /solr/GPTWPI/update?wt=javabinversion=1 HTTP/1.1 401 1389 (Does not work when i add the auth-constraint for RW) 192.168.0.106 - - [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/update?qt=%2Fupdatecommit=truewt=javabinversion=1 HTTP/1.1 200 41 so what i conclude is that the authentication does not work when we do a POST method and works for GET methods. correct me if i am wrong. and how do i get it working? Regards, Raakhi On Wed, Jun 30, 2010 at 2:22 PM, Rakhi Khatwani rkhatw...@gmail.com wrote: I was going through the logs, Everytime i try doing an update (and ofcourse ending up with unbuffered exception) the log outputs the following line [30/Jun/2010:09:02:52 +] POST /solr/core1/update?wt=javabinversion=1 HTTP/1.1 401 1389 Regards Raakhi On Wed, Jun 30, 2010 at 12:27 PM, Rakhi Khatwani rkhatw...@gmail.comwrote: PS: I am using solr 1.4 Regards, Raakhi On Wed, Jun 30, 2010 at 12:05 PM, Rakhi Khatwani rkhatw...@gmail.comwrote: Hi, I am trying out solr security on my setup from the following links: http://wiki.apache.org/solr/SolrSecurity http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores Following is my configuration: realms.properties: admin: admin,server-administrator,content-administrator,admin other: OBF:1xmk1w261u9r1w1c1xmq guest: guest,read-only rakhi: rakhi,RW-role jetty.xml: ... Set name=UserRealms Array type=org.mortbay.jetty.security.UserRealm Item New class=org.mortbay.jetty.security.HashUserRealm Set name=nameTest Realm/Set Set name=configSystemProperty name=jetty.home default=.//etc/realm.properties/Set /New /Item /Array /Set ... WebDefault.xml: !-- block by default. -- security-constraint web-resource-collection web-resource-nameDefault/web-resource-name url-pattern//url-pattern /web-resource-collection auth-constraint/ !-- BLOCK! -- /security-constraint !-- Setting admin access. -- security-constraint web-resource-collection web-resource-nameSolr authenticated application/web-resource-name url-pattern/admin/*/url-pattern url-pattern/core1/admin/*/url-pattern /web-resource-collection auth-constraint role-nameadmin/role-name role-nameFullAccess-role/role-name /auth-constraint /security-constraint !-- this constraint has no auth constraint or data constraint = allows without auth. -- security-constraint web-resource-collection web-resource-nameAllowedQueries/web-resource-name url-pattern/core1/select/*/url-pattern /web-resource-collection /security-constraint login-config auth-methodBASIC/auth-method realm-nameTest Realm/realm-name /login-config security-role role-nameAdmin-role/role-name /security-role security-role role-nameFullAccess-role/role-name /security-role security-role role-nameRW-role/role-name /security-role So Far Everything works good. I get a forbidden exception as soon as i try to commit documents in solr. but when i add the following security constraint tag in webdefault.xml, !-- this constraint allows access to modify the data in the SOLR service, with basic auth -- security-constraint web-resource-collection web-resource-nameRW/web-resource-name !-- the dataimport handler for each individual core -- url-pattern/core1/dataimport/url-pattern !-- the update handler (XML over HTTP) for each individual core -- url-pattern/core1/update/*/url-pattern /web-resource-collection auth-constraint !-- Roles of users are defined int the properties file -- !-- we allow users with rw-only access -- role-nameRW-role/role-name !-- we allow users with full access -- role-nameFullAccess-role/role-name /auth-constraint /security-constraint I get the following exception: org.apache.solr.client.solrj.SolrServerException: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469) at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:243) at org.apache.solr.client.solrj.request.AbstractUpdateRequest.process(AbstractUpdateRequest.java:105) at
Re: Unbuffered Exception while setting permissions
Other problems with this error have been solved by doing pre-emptive authentication. On Wed, Jun 30, 2010 at 4:26 AM, Rakhi Khatwani rkhatw...@gmail.com wrote: This error usually occurs when i do a server.add(inpDoc). Behind the logs: 192.168.0.106 - - [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/update?qt=%2Fupdateoptimize=truewt=javabinversion=1 HTTP/1.1 200 41 192.168.0.106 - - [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/select?q=aid%3A30234wt=javabinversion=1 HTTP/1.1 401 1389 192.168.0.106 - admin [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/select?q=aid%3A30234wt=javabinversion=1 HTTP/1.1 200 70 192.168.0.106 - - [30/Jun/2010:11:30:38 +] POST /solr/GPTWPI/update?wt=javabinversion=1 HTTP/1.1 200 41 (Works when i comment out the auth-constraint for RW) AND 192.168.0.106 - - [30/Jun/2010:11:29:09 +] POST /solr/GPTWPI/update?wt=javabinversion=1 HTTP/1.1 401 1389 (Does not work when i add the auth-constraint for RW) 192.168.0.106 - - [30/Jun/2010:11:30:38 +] GET /solr/GPTWPI/update?qt=%2Fupdatecommit=truewt=javabinversion=1 HTTP/1.1 200 41 so what i conclude is that the authentication does not work when we do a POST method and works for GET methods. correct me if i am wrong. and how do i get it working? Regards, Raakhi On Wed, Jun 30, 2010 at 2:22 PM, Rakhi Khatwani rkhatw...@gmail.com wrote: I was going through the logs, Everytime i try doing an update (and ofcourse ending up with unbuffered exception) the log outputs the following line [30/Jun/2010:09:02:52 +] POST /solr/core1/update?wt=javabinversion=1 HTTP/1.1 401 1389 Regards Raakhi On Wed, Jun 30, 2010 at 12:27 PM, Rakhi Khatwani rkhatw...@gmail.comwrote: PS: I am using solr 1.4 Regards, Raakhi On Wed, Jun 30, 2010 at 12:05 PM, Rakhi Khatwani rkhatw...@gmail.comwrote: Hi, I am trying out solr security on my setup from the following links: http://wiki.apache.org/solr/SolrSecurity http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores Following is my configuration: realms.properties: admin: admin,server-administrator,content-administrator,admin other: OBF:1xmk1w261u9r1w1c1xmq guest: guest,read-only rakhi: rakhi,RW-role jetty.xml: ... Set name=UserRealms Array type=org.mortbay.jetty.security.UserRealm Item New class=org.mortbay.jetty.security.HashUserRealm Set name=nameTest Realm/Set Set name=configSystemProperty name=jetty.home default=.//etc/realm.properties/Set /New /Item /Array /Set ... WebDefault.xml: !-- block by default. -- security-constraint web-resource-collection web-resource-nameDefault/web-resource-name url-pattern//url-pattern /web-resource-collection auth-constraint/ !-- BLOCK! -- /security-constraint !-- Setting admin access. -- security-constraint web-resource-collection web-resource-nameSolr authenticated application/web-resource-name url-pattern/admin/*/url-pattern url-pattern/core1/admin/*/url-pattern /web-resource-collection auth-constraint role-nameadmin/role-name role-nameFullAccess-role/role-name /auth-constraint /security-constraint !-- this constraint has no auth constraint or data constraint = allows without auth. -- security-constraint web-resource-collection web-resource-nameAllowedQueries/web-resource-name url-pattern/core1/select/*/url-pattern /web-resource-collection /security-constraint login-config auth-methodBASIC/auth-method realm-nameTest Realm/realm-name /login-config security-role role-nameAdmin-role/role-name /security-role security-role role-nameFullAccess-role/role-name /security-role security-role role-nameRW-role/role-name /security-role So Far Everything works good. I get a forbidden exception as soon as i try to commit documents in solr. but when i add the following security constraint tag in webdefault.xml, !-- this constraint allows access to modify the data in the SOLR service, with basic auth -- security-constraint web-resource-collection web-resource-nameRW/web-resource-name !-- the dataimport handler for each individual core -- url-pattern/core1/dataimport/url-pattern !-- the update handler (XML over HTTP) for each individual core -- url-pattern/core1/update/*/url-pattern /web-resource-collection auth-constraint !-- Roles of users are defined int the properties file -- !-- we allow users with rw-only access -- role-nameRW-role/role-name !-- we allow users with full access -- role-nameFullAccess-role/role-name /auth-constraint /security-constraint I get the following exception: org.apache.solr.client.solrj.SolrServerException: org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing request can not be repeated. at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469) at