You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Jason Gerlowski (JIRA)" <ji...@apache.org> on 2019/07/16 12:34:01 UTC

[jira] [Commented] (SOLR-13600) Basic Authentication for read role is not working

    [ https://issues.apache.org/jira/browse/SOLR-13600?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16886083#comment-16886083 ] 

Jason Gerlowski commented on SOLR-13600:
----------------------------------------

The Solr JIRA is not a support portal.  We try to keep it clear of everything except confirmed bugs and proposed improvements.

If you're still looking for help with this issue, please start a thread on the solr-user mailing list or ask in our IRC channel.

(Before doing so, you might want to read some about what order permissions are evaluated in, and how that can affect authz results.  "all" rules should almost always come last in your security.json.)

> Basic Authentication for read role is not working
> -------------------------------------------------
>
>                 Key: SOLR-13600
>                 URL: https://issues.apache.org/jira/browse/SOLR-13600
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: Authorization
>    Affects Versions: 8.1.1
>         Environment: DEV environment
>            Reporter: Nitin Asati
>            Priority: Major
>              Labels: security
>
> Hello Team,
> I have upgraded the SOLR instance from 7.x to 8.1.1 and my READ role users are not able to search results. 
> Upon trying to access below URL, getting the error:
> [http://localhost:8984/solr/testcore/select?q=*%3A*|http://localhost:8984/solr/xcelerate/select?q=*%3A*]
> h2. HTTP ERROR 403
> Problem accessing /solr/xcelerate/select. Reason:
> Unauthorized request, Response code: 403
>  
> Below is the content of security.json file.
>  
> {
>  "authentication":{
>  "blockUnknown":true,
>  "class":"solr.BasicAuthPlugin",
>  "credentials":{
>  "solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=",
>  "searchuser":"hzx9wjm6baNqx08LpfevT8dNaojdMqIJMAF8cXanL1o= CLDitkrBjs2FbqhOZN9Ey9Qc+5xcOJHfQTbPMC2p1eU=",
>  "solradmin":"ovgoJKFnFo43fgt5Pd7bfXBwq3+vfCO3uZXVRUi7H0Q= gKRUTDGkg5RtTIgXDiKFkefuaelAWU18KlRTAv4LfFQ="},
>  "realm":"My Solr users",
>  "forwardCredentials":false,
>  "":\{"v":0}},
>  "authorization":{
>  "class":"solr.RuleBasedAuthorizationPlugin",
>  "permissions":[
>  {
>  "name":"all",
>  "role":"admin",
>  "index":1},
>  {
>  "name":"read",
>  "role":"search",
>  "index":2}],
>  "user-role":{
>  "solr":"admin",
>  "searchuser":["read"],
>  "solradmin":["admin"]},
>  "":\{"v":0}}}



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org