You are viewing a plain text version of this content. The canonical link for it is here.
Posted to solr-user@lucene.apache.org by Marcin Rzewucki <mr...@gmail.com> on 2012/11/16 16:55:05 UTC
Solr Admin Page authentication
Hi,
Does anybody know if SOLR supports Admin Page authentication ?
I'm using Jetty from the latest solr package. I added security option to
start.ini:
OPTIONS=Server,webapp,security
and in configuration file I have (according to Jetty documentation):
<!-- =========================================================== -->
<!-- Configure Authentication Login Service -->
<!-- =========================================================== -->
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">Test Realm</Set>
<Set name="config"><Property name="jetty.home"
default="."/>/etc/realm.properties</Set>
<Set name="refreshInterval">0</Set>
</New>
</Arg>
</Call>
However, it does not seem to be working. Is something missing or it won't
work for Solr ?
Kind regards.
Re: Solr Admin Page authentication
Posted by Stefan Matheis <ma...@gmail.com>.
Alex
On Friday, November 16, 2012 at 5:44 PM, Alexandre Rafalovitch wrote:
> I wonder if it is possible to protect those resources and whether the
> browser will pop-up the authentication on first access (even if from AJAX
> call). Or it might be possible to have a fake resource loading from that
> area to force auth request?
The AJAX Calls will silently fail - the server is simply responding with an 401, but not more. Of course you can setup an error handler for that case, but you have to do the whole authentication management yourself (the browser doesn't help you while using AJAX Calls, i'm afraid)
Stefan
Re: Solr Admin Page authentication
Posted by Alexandre Rafalovitch <ar...@gmail.com>.
The UI is under Solr, but actual operations I think are still under
/solr/admin and /solr/corename/admin :
<requestHandler name="/admin/" class="solr.admin.AdminHandlers" />
I wonder if it is possible to protect those resources and whether the
browser will pop-up the authentication on first access (even if from AJAX
call). Or it might be possible to have a fake resource loading from that
area to force auth request?
Regards,
Alex.
Personal blog: http://blog.outerthoughts.com/
LinkedIn: http://www.linkedin.com/in/alexandrerafalovitch
- Time is the quality of nature that keeps events from happening all at
once. Lately, it doesn't seem to be working. (Anonymous - via GTD book)
On Fri, Nov 16, 2012 at 11:32 AM, Michael Long <ml...@bizjournals.com>wrote:
> It doesn't... you would have to do this with jetty or tomcat. But I
> noticed with 4.0 it no longer lives under /admin but rather /solr...and
> that means you can't just password-protect it without password-protecting
> all of solr. If I am wrong, please let me know...I would love to protect it
> somehow
>
>
> On 11/16/2012 10:55 AM, Marcin Rzewucki wrote:
>
>> Hi,
>>
>> Does anybody know if SOLR supports Admin Page authentication ?
>> I'm using Jetty from the latest solr package. I added security option to
>> start.ini:
>> OPTIONS=Server,webapp,security
>>
>> and in configuration file I have (according to Jetty documentation):
>> <!-- ==============================**=============================
>> -->
>> <!-- Configure Authentication Login Service -->
>> <!-- ==============================**=============================
>> -->
>> <Call name="addBean">
>> <Arg>
>> <New class="org.eclipse.jetty.**security.HashLoginService">
>> <Set name="name">Test Realm</Set>
>> <Set name="config"><Property name="jetty.home"
>> default="."/>/etc/realm.**properties</Set>
>> <Set name="refreshInterval">0</Set>
>> </New>
>> </Arg>
>> </Call>
>>
>> However, it does not seem to be working. Is something missing or it won't
>> work for Solr ?
>>
>> Kind regards.
>>
>>
>
Re: Solr Admin Page authentication
Posted by Marcin Rzewucki <mr...@gmail.com>.
Hi,
I added authentication in Jetty and it works fine. However, it's strange
that url pattern like "/admin/cores*" is not working, but "/admin/*" works
correct.
Regards.
On 17 November 2012 01:10, Marcin Rzewucki <mr...@gmail.com> wrote:
> Hi,
>
> Yes, I'm trying to add authentication to Jetty (for solr4), according to
> this wiki page:
> http://wiki.apache.org/solr/SolrSecurity
>
> Does it work for you ?
>
>
> On 16 November 2012 17:32, Michael Long <ml...@bizjournals.com> wrote:
>
>> It doesn't... you would have to do this with jetty or tomcat. But I
>> noticed with 4.0 it no longer lives under /admin but rather /solr...and
>> that means you can't just password-protect it without password-protecting
>> all of solr. If I am wrong, please let me know...I would love to protect it
>> somehow
>>
>>
>> On 11/16/2012 10:55 AM, Marcin Rzewucki wrote:
>>
>>> Hi,
>>>
>>> Does anybody know if SOLR supports Admin Page authentication ?
>>> I'm using Jetty from the latest solr package. I added security option to
>>> start.ini:
>>> OPTIONS=Server,webapp,security
>>>
>>> and in configuration file I have (according to Jetty documentation):
>>> <!-- ==============================**=============================
>>> -->
>>> <!-- Configure Authentication Login Service -->
>>> <!-- ==============================**=============================
>>> -->
>>> <Call name="addBean">
>>> <Arg>
>>> <New class="org.eclipse.jetty.**security.HashLoginService">
>>> <Set name="name">Test Realm</Set>
>>> <Set name="config"><Property name="jetty.home"
>>> default="."/>/etc/realm.**properties</Set>
>>> <Set name="refreshInterval">0</Set>
>>> </New>
>>> </Arg>
>>> </Call>
>>>
>>> However, it does not seem to be working. Is something missing or it won't
>>> work for Solr ?
>>>
>>> Kind regards.
>>>
>>>
>>
>
Re: Solr Admin Page authentication
Posted by Marcin Rzewucki <mr...@gmail.com>.
Hi,
Yes, I'm trying to add authentication to Jetty (for solr4), according to
this wiki page:
http://wiki.apache.org/solr/SolrSecurity
Does it work for you ?
On 16 November 2012 17:32, Michael Long <ml...@bizjournals.com> wrote:
> It doesn't... you would have to do this with jetty or tomcat. But I
> noticed with 4.0 it no longer lives under /admin but rather /solr...and
> that means you can't just password-protect it without password-protecting
> all of solr. If I am wrong, please let me know...I would love to protect it
> somehow
>
>
> On 11/16/2012 10:55 AM, Marcin Rzewucki wrote:
>
>> Hi,
>>
>> Does anybody know if SOLR supports Admin Page authentication ?
>> I'm using Jetty from the latest solr package. I added security option to
>> start.ini:
>> OPTIONS=Server,webapp,security
>>
>> and in configuration file I have (according to Jetty documentation):
>> <!-- ==============================**=============================
>> -->
>> <!-- Configure Authentication Login Service -->
>> <!-- ==============================**=============================
>> -->
>> <Call name="addBean">
>> <Arg>
>> <New class="org.eclipse.jetty.**security.HashLoginService">
>> <Set name="name">Test Realm</Set>
>> <Set name="config"><Property name="jetty.home"
>> default="."/>/etc/realm.**properties</Set>
>> <Set name="refreshInterval">0</Set>
>> </New>
>> </Arg>
>> </Call>
>>
>> However, it does not seem to be working. Is something missing or it won't
>> work for Solr ?
>>
>> Kind regards.
>>
>>
>
Re: Solr Admin Page authentication
Posted by Michael Long <ml...@bizjournals.com>.
It doesn't... you would have to do this with jetty or tomcat. But I
noticed with 4.0 it no longer lives under /admin but rather /solr...and
that means you can't just password-protect it without
password-protecting all of solr. If I am wrong, please let me know...I
would love to protect it somehow
On 11/16/2012 10:55 AM, Marcin Rzewucki wrote:
> Hi,
>
> Does anybody know if SOLR supports Admin Page authentication ?
> I'm using Jetty from the latest solr package. I added security option to
> start.ini:
> OPTIONS=Server,webapp,security
>
> and in configuration file I have (according to Jetty documentation):
> <!-- =========================================================== -->
> <!-- Configure Authentication Login Service -->
> <!-- =========================================================== -->
> <Call name="addBean">
> <Arg>
> <New class="org.eclipse.jetty.security.HashLoginService">
> <Set name="name">Test Realm</Set>
> <Set name="config"><Property name="jetty.home"
> default="."/>/etc/realm.properties</Set>
> <Set name="refreshInterval">0</Set>
> </New>
> </Arg>
> </Call>
>
> However, it does not seem to be working. Is something missing or it won't
> work for Solr ?
>
> Kind regards.
>