Hi, I'm trying to setup Authentication and Role-based authorization in Solr 5.5. Beside "Solr" user from example, I've created another user "dev". I've used the following website to generate sha256 encoded password.
http://www.lorem-ipsum.co.uk/hasher.php I've used password as "password" . Here's my security.json { "authentication": { "blockUnknown": false, "class": "solr.BasicAuthPlugin", "credentials": { "solr": "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=", "dev":" 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8", } }, "authorization": { "class": "solr.RuleBasedAuthorizationPlugin", "permissions": [ { "name": "security-edit", "role": "admin" }, { "name": "schema-edit", "role": "admin" }, { "name": "config-edit", "role": "admin" }, { "name": "collection-admin-edit", "role": "admin" }, { "name": "all-admin", "collection": null, "path": "/*", "role": "adminAllRole" }, { "name": "all-core-handlers", "path": "/*", "role": "adminAllHandler" }, { "name": "update", "role": "updateRole" }, { "name": "read", "role": "readRole" }, { "name": "browse", "collection": "gettingstarted", "path": "/browse", "role": "browseRole" }, { "name": "select", "collection": "gettingstarted", "path": "/select/*", "role": "selectRole" } ], "user-role": { "solr": [ "admin", "adminAllRole", "adminAllHandler", "updateRole" ], "dev": [ "readRole" ] } } } Here's what I'm doing. 1. I started Solr in Cloud mode "solr start -e cloud -noprompt" 2. zkcli.bat -zkhost localhost:9983 -cmd putfile /security.json security.json 3. tried http://localhost:8983/solr/gettingstarted/browse , provided dev/password but I'm getting the following exception: [c:gettingstarted s:shard2 r:core_node3 x:gettingstarted_shard2_replica2] org.apache.solr.servlet.HttpSolrCall; USER_REQUIRED auth header Basic c29scjpTb2xyUm9ja3M= context : userPrincipal: [[principal: solr]] type: [UNKNOWN], collections: [gettingstarted,], Path: [/browse] path : /browse params : Looks like I'm using the wrong way of generating the password. solr/SolrRocks works as expected. Also, sure what's wrong with the "readRole" . It doesn't seem to work when I try with user "solr". Any pointers will be appreciated. -Thanks, Shamik