What Noble Paul says is true: Solr can't - directly - restrict access to
static files.
However, if you set your file repository's permissions to a minimal
level (so, for example, users can't do a directory search), then they
must know the precise name and location of the file they're trying to
You can't restrict access to static files.
You can only restrict access to Solr content.
However you can use the "blockUnknown" property in your security.json
to restrict access to all files
https://lucene.apache.org/solr/guide/7_5/basic-authentication-plugin.html
--Noble
On Sat, Jun 9, 2018 at
Authentication does work and authorization for general is working fine. But
nothing authorization works when specified certain collection. That's so
frustrating. It is weird that even I just do simple "path":"/*" won't do
anything if I add "collection":"a".
--
Sent from:
I run on Solr cloud 7.2.1
Sent from my mobile. Please excuse any typos.
> On Dec 4, 2018, at 2:57 PM, Terry Steichen wrote:
>
> I think there's been some confusion on which standalone versions support
> authentication. I'm using 6.6 in cloud mode (purely so the
> authentication will work).
I think there's been some confusion on which standalone versions support
authentication. I'm using 6.6 in cloud mode (purely so the
authentication will work). Some of the documentation seems to say that
only cloud implementations support it, but others (like the experts on
this forum) say that
I am using standalone Solr 7.4.0. Are you using cloud or standalone? Not sure
if that cause the problem or not.
--
Sent from: http://lucene.472066.n3.nabble.com/Solr-User-f472068.html
What Solr version are you using?
On 12/4/18 2:47 PM, yydpkm wrote:
> Thank you for your replay. I use your format and failed. User2 can still
> visit collection "name"
> Could that because I am using standalone Solr not Solrcloud?
>
>
>
> --
> Sent from:
I tried to replace "/select" with "/*" but user B can still access collection
A.
"permissions":[
{
"name":"security-edit",
"role":"admin",
"index":1},
{
"name":"PermA",
"collection":CollectionA"",
"path":"/*",
Thank you for your replay. I use your format and failed. User2 can still
visit collection "name"
Could that because I am using standalone Solr not Solrcloud?
--
Sent from: http://lucene.472066.n3.nabble.com/Solr-User-f472068.html
Hi Rick,
This is how I was able to restrict permissions to user-role ( user1 ) to
its own collection. Hopefully it helps.
"permissions": [
{"name": "*", "path": "/dataimport", "params": {"command":
["status"]}, "role": "*"},
{"collection": "name", "path": "/admin/file", "role":
In setting his permission, Antony said he set "path": "/admin/file". I
use "path":"/*" - that may be too restrictive for you, but it works fine
(for me).
On 12/4/18 9:55 AM, yydpkm wrote:
> Hi Antony,
>
> Have you solved this? I am facing the same thing. Other users can still do
> /select after
Hi Antony,
Have you solved this? I am facing the same thing. Other users can still do
/select after I set the permission path and collection.
Best,
Rick
--
Sent from: http://lucene.472066.n3.nabble.com/Solr-User-f472068.html
Hello,
I am trying to get the path/params restricted to users of individual
collection through Solr UI.
Here is the permission that I have for an user.
{"collection": "collection_name", "path": "/admin/file", "role": ["
collection_user"]}
I am still not able to restrict another user from
etty8 solr versions but with the new
> jetty9 modules/classloaders it's proving a challenge.
>
> Marshall Sanders
> Technical Lead – Software Engineer
> Autotrader.com
> 404-568-7130
>
> -Original Message-
> From: Aziz Gaou [mailto:gaoua...@gmail.com]
> Sent
thank you so much for your reply
2015-09-16 18:58 GMT+00:00 Anshum Gupta :
> Basic authentication (and the API support, that you're trying to use) was
> only released with 5.3.0 so it wouldn't work with 5.2.
> 5.2 only had the authentication and authorization frameworks,
thank you so much for your reply,
Now, i try to protect Apache Solr 5 admin with jetty, when I change
1) sudo nano /opt/solr/server/etc/webdefault.xml
Solr
/*
search-role
BASIC
Solr Realm
2) i changed too "*jetty.xml *
a challenge.
Marshall Sanders
Technical Lead – Software Engineer
Autotrader.com
404-568-7130
-Original Message-
From: Aziz Gaou [mailto:gaoua...@gmail.com]
Sent: Thursday, September 17, 2015 5:55 AM
To: solr-user@lucene.apache.org
Subject: Re: Securing solr 5.2 basic auth permission rules
Subject: RE: Securing solr 5.2 basic auth permission rules
So the issue is that when it's stated that solr runs on jetty 9 what it really
means is that it runs on 5% of jetty9 and the other 95% has been stripped out.
(WH! It's only ~13 MB)
You'll need to download the appropriate version
-user@lucene.apache.org
Subject: RE: Securing solr 5.2 basic auth permission rules
I'm actually trying to do something similar with 5.3
We're in the process of upgrading from 4.10 and were previously using jaas to
secure dih pages and a few others and had a config similar to what you
described
Hi,
I try to follow:
https://cwiki.apache.org/confluence/display/solr/Basic+Authentication+Plugin,
to protect Solr 5.2 Admin with password, but I have not been able to secure.
1) When I run the following command:
curl --user solr:SolrRocks http://localhost:8983/solr/admin/authentication
-H
Basic authentication (and the API support, that you're trying to use) was
only released with 5.3.0 so it wouldn't work with 5.2.
5.2 only had the authentication and authorization frameworks, and shipped
with Kerberos authentication plugin out of the box.
There are a few known issues with that
21 matches
Mail list logo