You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by sh...@apache.org on 2016/09/12 09:33:44 UTC
[07/15] lucene-solr:branch_6_2: SOLR-9188: blockUnknown property
makes inter-node communication impossible
SOLR-9188: blockUnknown property makes inter-node communication impossible
(cherry picked from commit b3526c5)
Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo
Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/988c2149
Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/988c2149
Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/988c2149
Branch: refs/heads/branch_6_2
Commit: 988c2149802285a9be9f8036bf803ca610e27cad
Parents: 83cd8c1
Author: Noble Paul <no...@apache.org>
Authored: Mon Aug 29 18:38:56 2016 +0530
Committer: Shalin Shekhar Mangar <sh...@apache.org>
Committed: Mon Sep 12 10:06:04 2016 +0530
----------------------------------------------------------------------
solr/CHANGES.txt | 2 ++
.../org/apache/solr/security/BasicAuthPlugin.java | 1 +
.../org/apache/solr/servlet/SolrDispatchFilter.java | 1 +
.../solr/security/BasicAuthIntegrationTest.java | 15 ++++++++++++---
4 files changed, 16 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/988c2149/solr/CHANGES.txt
----------------------------------------------------------------------
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 6d99b02..4856048 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -38,6 +38,8 @@ Bug Fixes
compatibility. (Uwe Schindler, Boris Steiner)
* SOLR-9389: HDFS Transaction logs stay open for writes which leaks Xceivers. (Tim Owen via Mark Miller)
+
+* SOLR-9188: blockUnknown property makes inter-node communication impossible (noble)
================== 6.2.0 ==================
Versions of Major Components
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/988c2149/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java b/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
index e3f53a2..49c02d7 100644
--- a/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
+++ b/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
@@ -71,6 +71,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita
for (Map.Entry<String, Object> e : command.getDataMap().entrySet()) {
if (PROPS.contains(e.getKey())) {
latestConf.put(e.getKey(), e.getValue());
+ return latestConf;
} else {
command.addError("Unknown property " + e.getKey());
}
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/988c2149/solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java
----------------------------------------------------------------------
diff --git a/solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java b/solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java
index 4a680e5..1b8c386 100644
--- a/solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java
+++ b/solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java
@@ -302,6 +302,7 @@ public class SolrDispatchFilter extends BaseSolrFilter {
if (authenticationPlugin == null) {
return true;
} else {
+ if( PKIAuthenticationPlugin.PATH.equals(((HttpServletRequest) request).getPathInfo()) ) return true;
//special case when solr is securing inter-node requests
String header = ((HttpServletRequest) request).getHeader(PKIAuthenticationPlugin.HEADER);
if (header != null && cores.getPkiAuthenticationPlugin() != null)
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/988c2149/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
----------------------------------------------------------------------
diff --git a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
index 5cb322f..f0d8b60 100644
--- a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
+++ b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
@@ -194,7 +194,7 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase {
cloudSolrClient.request(update);
- executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool");
+ executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool");
String[] toolArgs = new String[]{
"status", "-solr", baseUrl};
ByteArrayOutputStream baos = new ByteArrayOutputStream();
@@ -212,7 +212,7 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase {
log.error("RunExampleTool failed due to: " + e +
"; stdout from tool prior to failure: " + baos.toString(StandardCharsets.UTF_8.name()));
}
- executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: false}}", "harry", "HarryIsUberCool");
+ executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: false}}", "harry", "HarryIsUberCool");
} finally {
if (cl != null) {
HttpClientUtil.close(cl);
@@ -232,12 +232,21 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase {
Utils.consumeFully(r.getEntity());
}
- public static void verifySecurityStatus(HttpClient cl, String url, String objPath, Object expected, int count) throws Exception {
+ public static void verifySecurityStatus(HttpClient cl, String url, String objPath,
+ Object expected, int count) throws Exception {
+ verifySecurityStatus(cl, url, objPath, expected, count, null, null);
+ }
+
+
+ public static void verifySecurityStatus(HttpClient cl, String url, String objPath,
+ Object expected, int count, String user, String pwd)
+ throws Exception {
boolean success = false;
String s = null;
List<String> hierarchy = StrUtils.splitSmart(objPath, '/');
for (int i = 0; i < count; i++) {
HttpGet get = new HttpGet(url);
+ if (user != null) setBasicAuthHeader(get, user, pwd);
HttpResponse rsp = cl.execute(get);
s = EntityUtils.toString(rsp.getEntity());
Map m = (Map) Utils.fromJSONString(s);