RE: [EXTERNAL] Re: connecting to Solr 9.1

["Oakley, Craig (NIH/NLM/NCBI) [C]" <cr...@nih.gov.INVALID>]

Indeed that fixed the problem. Thanks

-----Original Message-----
From: Kevin Risden <kr...@apache.org> 
Sent: Wednesday, December 14, 2022 10:48 AM
To: craig.oakley@nih.gov.invalid
Cc: users@solr.apache.org
Subject: [EXTERNAL] Re: connecting to Solr 9.1

https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsolr.apache.org%2Fguide%2Fsolr%2Flatest%2Fupgrade-notes%2Fmajor-changes-in-solr-9.html%23security&amp;data=05%7C01%7Ccraig.oakley%40nih.gov%7C26e5a1caea134294378b08daddea986f%7C14b77578977342d58507251ca2dc2b06%7C0%7C0%7C638066296916446423%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=eMiz06ySD2bzfUTh9dfmVx95y5Zzy2bl0fu2oSHWvEI%3D&amp;reserved=0

Specifically the following section:

Solr now binds to localhost network interface by default for better out of
> the box security. Administrators that need Solr exposed more broadly can
> change the SOLR_JETTY_HOST property in their Solr include (
> solr.in.sh/solr.in.cmd) file.


SOLR_JETTY_HOST is also documented in these two places:
*
https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsolr.apache.org%2Fguide%2Fsolr%2Flatest%2Fdeployment-guide%2Fsecuring-solr.html%23network-configuration&amp;data=05%7C01%7Ccraig.oakley%40nih.gov%7C26e5a1caea134294378b08daddea986f%7C14b77578977342d58507251ca2dc2b06%7C0%7C0%7C638066296916446423%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=D9F4ftqBOK2YWCp%2Fl9EuCztWjqlB975fsm75h2fKMZM%3D&amp;reserved=0
*
https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsolr.apache.org%2Fguide%2Fsolr%2Flatest%2Fdeployment-guide%2Ftaking-solr-to-production.html%23security-considerations&amp;data=05%7C01%7Ccraig.oakley%40nih.gov%7C26e5a1caea134294378b08daddea986f%7C14b77578977342d58507251ca2dc2b06%7C0%7C0%7C638066296916446423%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=Y5ISFjr2NSZdZb6Si3nJfkh4B9NNp%2FtPXw3fCEC0eoA%3D&amp;reserved=0


Kevin Risden


On Wed, Dec 14, 2022 at 10:28 AM Oakley, Craig (NIH/NLM/NCBI) [C]
<cr...@nih.gov.invalid> wrote:

> Update: I find that if I specify the hostname as localhost (running on the
> same host as the Solr instance) than it does get in. Is there some
> configuration into which certain host names should be added?
>
> -----Original Message-----
> From: Oakley, Craig (NIH/NLM/NCBI) [C] <cr...@nih.gov.INVALID>
> Sent: Wednesday, December 14, 2022 10:01 AM
> To: users@solr.apache.org
> Subject: connecting to Solr 9.1
>
> I'm trying to upgrade from Solr 8.5.2 to Solr 9.1
>
> After installing the software and starting the instance I cannot connect,
> receiving such messages as
> curl: (7) Failed connect to hostname:port; Connection refused
>
> I cannot connect through a browser either. Attempts to connect do not show
> up in solr.log (but if I use zkcli.sh to implement security.json, that does
> show up in solr.log: note that I cannot connect when there is no
> security.json, so that is not the issue).
>
> Is there some under-documented security control preventing connection?
>
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and are confident the content is safe.