thank you so much for your reply, Now, i try to protect Apache Solr 5 admin with jetty, when I change
1) sudo nano /opt/solr/server/etc/webdefault.xml <?xml version="1.0" encoding="ISO-8859-1"?> <web-app ......> <!-- only the relevant addition is listed here --> <security-constraint> <web-resource-collection> <web-resource-name>Solr</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>search-role</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Solr Realm</realm-name> </login-config> </web-app> 2) i changed too "*jetty.xml * <https://gist.github.com/jstrassburg/9777027#file-jetty-xml> " and " *realm.properties* <https://gist.github.com/jstrassburg/9777027#file-realm-properties>" 3) the following message will appear on browser: - http://localhost:8983/solr/ HTTP ERROR: 503 Problem accessing /solr/. Reason: Service Unavailable ------------------------------ *Powered by Jetty://* Thanks for your help 2015-09-16 18:58 GMT+00:00 Anshum Gupta <ans...@anshumgupta.net>: > Basic authentication (and the API support, that you're trying to use) was > only released with 5.3.0 so it wouldn't work with 5.2. > 5.2 only had the authentication and authorization frameworks, and shipped > with Kerberos authentication plugin out of the box. > > There are a few known issues with that though, and a 5.3.1 release is just > around the corner. > > On Wed, Sep 16, 2015 at 10:11 AM, Aziz Gaou <gaoua...@gmail.com> wrote: > > > Hi, > > > > I try to follow: > > > > > https://cwiki.apache.org/confluence/display/solr/Basic+Authentication+Plugin > > , > > to protect Solr 5.2 Admin with password, but I have not been able to > > secure. > > > > 1) When I run the following command: > > > > curl --user solr:SolrRocks > http://localhost:8983/solr/admin/authentication > > -H 'Content-type:application/json'-d '{ > > "set-user": {"tom" : "TomIsCool" }}' > > > > no update on the file security.json > > > > 2) I launched the following 2 commands: > > > > curl --user solr:SolrRocks > http://localhost:8983/solr/admin/authorization > > -H 'Content-type:application/json'-d '{"set-permission": { > > "name":"updates", "collection":"MyCollection", "role": "dev"}}' > > > > curl --user solr:SolrRocks > http://localhost:8983/solr/admin/authorization > > -H 'Content-type:application/json' -d '{ "set-user-role": > {"tom":["dev"}}' > > > > always MyCollection is not protected. > > > > > > thank you for your help. > > > > > > -- > Anshum Gupta >