Yes, it works! Thanks a lot!
El vie., 28 feb. 2020 20:15, Oakley, Craig (NIH/NLM/NCBI) [C] <craig.oak...@nih.gov.invalid> escribió: > I have found that for admin commands you may need to include > "collection":null > { > "name":"admin-info-system2", > "path":"/admin/*", > "collection":null, > "role":"*"} > > > -----Original Message----- > From: Jesús Roca <xes...@gmail.com> > Sent: Friday, February 28, 2020 2:10 PM > To: solr-user@lucene.apache.org > Subject: Limiting access to /admin path > > Hello, > > I have a Solr 7.7.2 instance with basic authentication. > > Anyone knows how to limit only to authenticated users the access to /admin > path? > For example to: > > https://localhost:8983/solr/admin/info/system > > When I access to that section this is the log generated: > 2020-02-28 18:05:58.896 INFO (qtp694316372-17) [ ] o.a.s.s.HttpSolrCall > [admin] webapp=null path=/admin/info/system params={} status=0 QTime=36 > > I have added the following custom permission, but it doesn't block the > unauthenticated request to that section: > > "permissions":[ > { > "name":"admin-info-system", > "path":"/admin/info/system", > "role":"*"} > ], > > If I create the following custom permissions with diferent path: > > "permissions":[ > { > "name":"admin-info-system1", > "path":"/select/*", > "role":"*"}, > { > "name":"admin-info-system2", > "path":"/admin/*", > "role":"*"} > ], > > Then, I have to authenticate when I query a collection, but I can still > access to /admin/info/system or /admin/collections?action=CLUSTERSTATUS > > Definitely, I don't know how to block unauthenticated access to /admin path > without add the blockUnknown=true attribute but, if I do that, all the > request will have to be authenticated and I didn't. > > Thanks in advance! >