You are viewing a plain text version of this content. The canonical link for it is here.

Posted to solr-user@lucene.apache.org by Srinivas Kashyap <sr...@tradestonesoftware.com> on 2018/09/20 10:10:38 UTC

Jetty Sqlserver config

Hello,

I'm having problem in setting up SQL server data import handler for Jetty container.

in data config xml I have set up jndi as below:

<dataConfig>

                <dataSource type="JdbcDataSource" jndiName="java:comp/env/jdbc/tssindex" autoCommit="true" />

And I have jetty-env.xml inside WEB-INF as below:

<New id="SQLSERVER" class="org.eclipse.jetty.plus.jndi.Resource">
     <Arg></Arg>
     <Arg>java:comp/env/jdbc/tssindex</Arg>
     <Arg>
        <New class="net.sourceforge.jtds.jdbcx.JtdsDataSource">
           <Set name="User">XXXX</Set>
           <Set name="Password">XXXX</Set>
           <Set name="DatabaseName">XXXX</Set>
           <Set name="ServerName">XXXX</Set>
           <Set name="PortNumber">1433</Set>
        </New>
     </Arg>
    </New>

In Web.xml I have below:

<resource-ref>
     <description>MyDB datasource reference</description>
     <res-ref-name>java:comp/env/jdbc/tssindex</res-ref-name>
     <res-type>javax.sql.DataSource</res-type>
     <res-auth>Container</res-auth>
</resource-ref>


Once I start importing, I'm getting below exception:

javax.naming.NameNotFoundException; remaining name 'env/jdbc/tssindex'
                at org.eclipse.jetty.jndi.NamingContext.lookup(NamingContext.java:540)
                at org.eclipse.jetty.jndi.NamingContext.lookup(NamingContext.java:571)


Please guide/correct me the right approach for configuring JNDI for SQL server database.


Thanks and Regards,
Srinivas Kashyap

Re: Jetty Sqlserver config

Posted by Shawn Heisey <ap...@elyograg.org>.

On 9/20/2018 4:10 AM, Srinivas Kashyap wrote:
> I'm having problem in setting up SQL server data import handler for Jetty container.

Why not just define the datasource directly in the DIH config?

One reason I can think of why you might not want that is that you don't 
want people to be able to see the user credentials in the admin UI ... 
but my answer to that is:  Why are you allowing people you don't trust 
get to your Solr server?  Even without your database credentials, 
somebody you can't trust is able to cause all sorts of problems.  Solr 
does have the ability to encrypt passwords in the DIH config, but if 
your untrusted user is able to get to the filesystem on the Solr server, 
that is not actually secure.  See this part of the documentation:

https://lucene.apache.org/solr/guide/7_4/uploading-structured-data-store-data-with-the-data-import-handler.html#encrypting-a-database-password

Cassandra, Hoss, and anyone else who lives in the reference guide: This 
part of the documentation needs to have "echo -n" instead of just "echo" 
in the commands.  I thought I had fixed this already, but the 7.4 docs 
don't have it.  If the -n isn't used, things probably won't work right.

Another way around users being able to see DB credentials is to write 
your own indexing software that's completely separate from Solr.  Note 
that if you use this approach and make your program multi-threaded, you 
can index far faster than DIH can. DIH is single-threaded.

If you must use JNDI, you should probably be putting it into the context 
fragment file, not the places you're putting it currently.  This file is 
server/contexts/solr-jetty-context.xml if you aren't already aware.

https://wiki.eclipse.org/Jetty/Feature/JNDI

For more in-depth help, consult a Jetty support resource. Solr uses 
Jetty, but most of us here really don't know that much about it.

Thanks,
Shawn