Thank you for the info. I have already downgraded to 5.2.x as this is a production setup. Unfortunatelly I have the same trouble there ... Any suggestions how to fix this? What is the recommended procedure in securing the admin gui on prod setups?
2015-09-11 14:26 GMT+02:00 Noble Paul <noble.p...@gmail.com>: > There were some bugs with the 5.3.0 release and 5.3.1 is in the > process of getting released. > > try out the option #2 with the RC here > > > https://dist.apache.org/repos/dist/dev/lucene/lucene-solr-5.3.1-RC1-rev1702389/solr/ > > > > On Fri, Sep 11, 2015 at 5:16 PM, Merlin Morgenstern > <merlin.morgenst...@gmail.com> wrote: > > OK, I downgraded to solr 5.2.x > > > > Unfortunatelly still no luck. I followed 2 aproaches: > > > > 1. Secure it the old fashioned way like described here: > > > http://stackoverflow.com/questions/28043957/how-to-set-apache-solr-admin-password > > > > 2. Using the Basic Authentication Plugin like described here: > > http://lucidworks.com/blog/securing-solr-basic-auth-permission-rules/ > > > > Both aproaches created unsolved problems. > > > > While following option 1, I was able to secure the Admin UI with basic > > authentication, but no longer able to access my application despite the > > fact that it was working on solr 3.x with the same type of authentication > > procedure and credentials. > > > > While following option 2, I was stuck right after uploading the > > security.json file to the zookeeper ensemble. The described behaviour to > curl > > http://localhost:8983/solr/admin/authentication responded with a 404 not > > found and then solr could not connect to zookeeper. I had to remove that > > file from zookeeper and restart all solr nodes. > > > > Please could someone lead me the way on how to secure the Admin UI and > > password protect solr cloud? I have a perfectly running system with solr > > 3.x and one core and now taking it to solr cloud 5.2.x into production > > seems to be stoped by simple authorization problems. > > > > Thank you in advane for any help. > > > > > > > > 2015-09-10 20:42 GMT+02:00 Noble Paul <noble.p...@gmail.com>: > > > >> Check this > https://cwiki.apache.org/confluence/display/solr/Securing+Solr > >> > >> There a couple of bugs in 5.3.o and a bug fix release is coming up > >> over the next few days. > >> > >> We don't provide any specific means to restrict access to admin UI > >> itself. However we let users specify fine grained ACLs on various > >> operations such collection-admin-edit, read etc > >> > >> On Wed, Sep 9, 2015 at 2:35 PM, Merlin Morgenstern > >> <merlin.morgenst...@gmail.com> wrote: > >> > I just installed solr cloud 5.3.x and found that the way to secure the > >> amin > >> > ui has changed. Aparently there is a new plugin which does role based > >> > authentification and all info on how to secure the admin UI found on > the > >> > net is outdated. > >> > > >> > I do not need role based authentification but just simply want to put > >> basic > >> > authentification to the Admin UI. > >> > > >> > How do I configure solr cloud 5.3.x in order to restrict access to the > >> > Admin UI via Basic Authentification? > >> > > >> > Thank you for any help > >> > >> > >> > >> -- > >> ----------------------------------------------------- > >> Noble Paul > >> > > > > -- > ----------------------------------------------------- > Noble Paul >
