You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Wei Liao (JIRA)" <ji...@apache.org> on 2018/10/31 18:49:00 UTC
[jira] [Updated] (SOLR-12948) Basic Auth login windows pops up with
page loaded
[ https://issues.apache.org/jira/browse/SOLR-12948?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Wei Liao updated SOLR-12948:
----------------------------
Description:
I've enabled basic auth in my solr 7.5 installation (with no blockUnknown), created an admin role and added all of the [predefined permission|https://lucene.apache.org/solr/guide/7_5/rule-based-authorization-plugin.html] (except read and all) to the role, and created an admin user with that role.
What I wanted to do, is to enable public access only to the /select for querying, and password protect everything else.
With this, I can hit /select without authentication, but when I browse to the admin UI, the login window pops up as I'd expect, but the dashboard page also loaded up, see attached. I'd have expected nothing's showing except the login.
If this is the wrong approach to what I needed, I'm interested in what you guys do to achieve this.
Thanks!
was:
I've enabled basic auth in my solr 7.5 installation (with no blockUnknown), created an admin role and added all of the predefined permission (except read and all) to the role, and created an admin user with that role.
What I wanted to do, is to enable public access only to the /select for querying, and password protect everything else.
With this, I can hit /select without authentication, but when I browse to the admin UI, the login window pops up as I'd expect, but the dashboard page also loaded up, see attached. I'd have expected nothing's showing except the login.
If this is the wrong approach to what I needed, I'm interested in what you guys do to achieve this.
Thanks!
> Basic Auth login windows pops up with page loaded
> -------------------------------------------------
>
> Key: SOLR-12948
> URL: https://issues.apache.org/jira/browse/SOLR-12948
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Admin UI
> Affects Versions: 7.5
> Reporter: Wei Liao
> Priority: Major
> Attachments: Screenshot from 2018-10-31 14-30-09.png
>
>
> I've enabled basic auth in my solr 7.5 installation (with no blockUnknown), created an admin role and added all of the [predefined permission|https://lucene.apache.org/solr/guide/7_5/rule-based-authorization-plugin.html] (except read and all) to the role, and created an admin user with that role.
> What I wanted to do, is to enable public access only to the /select for querying, and password protect everything else.
> With this, I can hit /select without authentication, but when I browse to the admin UI, the login window pops up as I'd expect, but the dashboard page also loaded up, see attached. I'd have expected nothing's showing except the login.
> If this is the wrong approach to what I needed, I'm interested in what you guys do to achieve this.
> Thanks!
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org