You are viewing a plain text version of this content. The canonical link for it is here.
Posted to solr-user@lucene.apache.org by Srinivas Kashyap <sr...@tradestonesoftware.com> on 2018/09/20 10:10:38 UTC
Jetty Sqlserver config
Hello,
I'm having problem in setting up SQL server data import handler for Jetty container.
in data config xml I have set up jndi as below:
<dataConfig>
<dataSource type="JdbcDataSource" jndiName="java:comp/env/jdbc/tssindex" autoCommit="true" />
And I have jetty-env.xml inside WEB-INF as below:
<New id="SQLSERVER" class="org.eclipse.jetty.plus.jndi.Resource">
<Arg></Arg>
<Arg>java:comp/env/jdbc/tssindex</Arg>
<Arg>
<New class="net.sourceforge.jtds.jdbcx.JtdsDataSource">
<Set name="User">XXXX</Set>
<Set name="Password">XXXX</Set>
<Set name="DatabaseName">XXXX</Set>
<Set name="ServerName">XXXX</Set>
<Set name="PortNumber">1433</Set>
</New>
</Arg>
</New>
In Web.xml I have below:
<resource-ref>
<description>MyDB datasource reference</description>
<res-ref-name>java:comp/env/jdbc/tssindex</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
Once I start importing, I'm getting below exception:
javax.naming.NameNotFoundException; remaining name 'env/jdbc/tssindex'
at org.eclipse.jetty.jndi.NamingContext.lookup(NamingContext.java:540)
at org.eclipse.jetty.jndi.NamingContext.lookup(NamingContext.java:571)
Please guide/correct me the right approach for configuring JNDI for SQL server database.
Thanks and Regards,
Srinivas Kashyap
Re: Jetty Sqlserver config
Posted by Shawn Heisey <ap...@elyograg.org>.
On 9/20/2018 4:10 AM, Srinivas Kashyap wrote:
> I'm having problem in setting up SQL server data import handler for Jetty container.
Why not just define the datasource directly in the DIH config?
One reason I can think of why you might not want that is that you don't
want people to be able to see the user credentials in the admin UI ...
but my answer to that is: Why are you allowing people you don't trust
get to your Solr server? Even without your database credentials,
somebody you can't trust is able to cause all sorts of problems. Solr
does have the ability to encrypt passwords in the DIH config, but if
your untrusted user is able to get to the filesystem on the Solr server,
that is not actually secure. See this part of the documentation:
https://lucene.apache.org/solr/guide/7_4/uploading-structured-data-store-data-with-the-data-import-handler.html#encrypting-a-database-password
Cassandra, Hoss, and anyone else who lives in the reference guide: This
part of the documentation needs to have "echo -n" instead of just "echo"
in the commands. I thought I had fixed this already, but the 7.4 docs
don't have it. If the -n isn't used, things probably won't work right.
Another way around users being able to see DB credentials is to write
your own indexing software that's completely separate from Solr. Note
that if you use this approach and make your program multi-threaded, you
can index far faster than DIH can. DIH is single-threaded.
If you must use JNDI, you should probably be putting it into the context
fragment file, not the places you're putting it currently. This file is
server/contexts/solr-jetty-context.xml if you aren't already aware.
https://wiki.eclipse.org/Jetty/Feature/JNDI
For more in-depth help, consult a Jetty support resource. Solr uses
Jetty, but most of us here really don't know that much about it.
Thanks,
Shawn