You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@solr.apache.org by Tamal Choudhury <ch...@gmail.com> on 2022/06/23 07:42:24 UTC

Facing an issue with solr 5.3.0 basic auth enablement

Hi Team,

We tried enabling basic auth for our project.
While we are planning to migrate to solr 8, in the meantime, due to
reported security issues, we want to add basic auth to our existing 5.3.0.

We followed this:
https://lucidworks.com/post/securing-solr-basic-auth-permission-rules/

but the above steps didn't work out.

Then I followed the jetty route :
https://stackoverflow.com/questions/44590804/setting-up-basic-authentication-solr-5-3-1-for-dummies

This worked fine, but the zookeeper is throwing the following error when we
are trying to query from admin UI or from code -

{ "responseHeader": { "status": 401, "QTime": 5, "params": { "indent":
"true", "q": "*:*", "_": "1655969026930", "wt": "json" } }, "error": {
"msg": "Error from server at
http://servername:8080/solr/collectionName_shard1_replica2: Expected mime
type application/octet-stream but got text/html. <html>\n<head>\n<meta
http-equiv=\"Content-Type\" content=\"text/html;
charset=UTF-8\"/>\n<title>Error 401
Unauthorized</title>\n</head>\n<body><h2>HTTP ERROR 401</h2>\n<p>Problem
accessing /solr/collectionName_shard1_replica2/select. Reason:\n<pre>
Unauthorized</pre></p><hr><i><small>Powered by
Jetty://</small></i><hr/>\n\n</body>\n</html>\n", "code": 401 } }

Can you please share your opinion or guidance.

Thanks,
Tamal

Re: Facing an issue with solr 5.3.0 basic auth enablement

Posted by Shawn Heisey <ap...@elyograg.org>.

On 6/23/2022 1:42 AM, Tamal Choudhury wrote:
> This worked fine, but the zookeeper is throwing the following error when we
> are trying to query from admin UI or from code -
>
> { "responseHeader": { "status": 401, "QTime": 5, "params": { "indent":
> "true", "q": "*:*", "_": "1655969026930", "wt": "json" } }, "error": {
> "msg": "Error from server at
> http://servername:8080/solr/collectionName_shard1_replica2: Expected mime
> type application/octet-stream but got text/html. <html>\n<head>\n<meta
> http-equiv=\"Content-Type\" content=\"text/html;
> charset=UTF-8\"/>\n<title>Error 401
> Unauthorized</title>\n</head>\n<body><h2>HTTP ERROR 401</h2>\n<p>Problem
> accessing /solr/collectionName_shard1_replica2/select. Reason:\n<pre>
> Unauthorized</pre></p><hr><i><small>Powered by
> Jetty://</small></i><hr/>\n\n</body>\n</html>\n", "code": 401 } }

That error came from the Jetty server included with Solr, not Zookeeper.

A 401 error means that authentication was required, but auth data either 
was not sent, or was invalid.

Thanks,
Shawn