You are viewing a plain text version of this content. The canonical link for it is here.
Posted to solr-user@lucene.apache.org by Rakhi Khatwani <rk...@gmail.com> on 2010/07/01 08:35:38 UTC

Re: Unbuffered Exception while setting permissions

Hi Lance,
               Thankyou so much. It worked with pre-emptive authentication

On Thu, Jul 1, 2010 at 2:15 AM, Lance Norskog <go...@gmail.com> wrote:

> Other problems with this error have been solved by doing pre-emptive
> authentication.
>
> On Wed, Jun 30, 2010 at 4:26 AM, Rakhi Khatwani <rk...@gmail.com>
> wrote:
> > This error usually occurs when i do a server.add(inpDoc).
> >
> > Behind the logs:
> >
> > 192.168.0.106 - - [30/Jun/2010:11:30:38 +0000] "GET
> > /solr/GPTWPI/update?qt=%2Fupdate&optimize=true&wt=javabin&version=1
> > HTTP/1.1" 200 41
> >
> > 192.168.0.106 - - [30/Jun/2010:11:30:38 +0000] "GET
> > /solr/GPTWPI/select?q=aid%3A30234&wt=javabin&version=1 HTTP/1.1" 401 1389
> >
> > 192.168.0.106 - admin [30/Jun/2010:11:30:38 +0000] "GET
> > /solr/GPTWPI/select?q=aid%3A30234&wt=javabin&version=1 HTTP/1.1" 200 70
> >
> > 192.168.0.106 - - [30/Jun/2010:11:30:38 +0000] "POST
> > /solr/GPTWPI/update?wt=javabin&version=1 HTTP/1.1" 200 41 (Works when i
> > comment out the auth-constraint for RW)
> >
> >                                        AND
> >
> > 192.168.0.106 - - [30/Jun/2010:11:29:09 +0000] "POST
> > /solr/GPTWPI/update?wt=javabin&version=1 HTTP/1.1" 401 1389 (Does not
> work
> > when i add the auth-constraint for RW)
> >
> > 192.168.0.106 - - [30/Jun/2010:11:30:38 +0000] "GET
> > /solr/GPTWPI/update?qt=%2Fupdate&commit=true&wt=javabin&version=1
> HTTP/1.1"
> > 200 41
> >
> > so what i conclude is that the authentication does not work when we do a
> > POST method and works for GET methods. correct me if i am wrong.
> > and how do i get it working?
> >
> > Regards,
> > Raakhi
> >
> > On Wed, Jun 30, 2010 at 2:22 PM, Rakhi Khatwani <rk...@gmail.com>
> wrote:
> >
> >> I was going through the logs,
> >> Everytime i try doing an update (and ofcourse ending up with unbuffered
> >> exception) the log outputs the following line
> >> [30/Jun/2010:09:02:52 +0000] "POST
> /solr/core1/update?wt=javabin&version=1
> >> HTTP/1.1" 401 1389
> >>
> >> Regards
> >> Raakhi
> >>
> >> On Wed, Jun 30, 2010 at 12:27 PM, Rakhi Khatwani <rkhatwani@gmail.com
> >wrote:
> >>
> >>> PS: I am using solr 1.4
> >>>
> >>> Regards,
> >>> Raakhi
> >>>
> >>> On Wed, Jun 30, 2010 at 12:05 PM, Rakhi Khatwani <rkhatwani@gmail.com
> >wrote:
> >>>
> >>>> Hi,
> >>>>        I am trying out solr security on my setup from the following
> >>>> links:
> >>>> http://wiki.apache.org/solr/SolrSecurity
> >>>>
> >>>>
> http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores
> >>>>
> >>>> Following is my configuration:
> >>>>
> >>>> realms.properties:
> >>>> admin: admin,server-administrator,content-administrator,admin
> >>>> other: OBF:1xmk1w261u9r1w1c1xmq
> >>>> guest: guest,read-only
> >>>> rakhi: rakhi,RW-role
> >>>>
> >>>> jetty.xml:
> >>>> ...
> >>>> <Set name="UserRealms">
> >>>> <Array type="org.mortbay.jetty.security.UserRealm">
> >>>> <Item>
> >>>> <New class="org.mortbay.jetty.security.HashUserRealm">
> >>>>   <Set name="name">Test Realm</Set>
> >>>> <Set name="config"><SystemProperty name="jetty.home"
> >>>> default="."/>/etc/realm.properties</Set>
> >>>> </New>
> >>>> </Item>
> >>>> </Array>
> >>>> </Set>
> >>>>
> >>>> ...
> >>>>
> >>>> WebDefault.xml:
> >>>> <!-- block by default. -->
> >>>> <security-constraint>
> >>>> <web-resource-collection>
> >>>> <web-resource-name>Default</web-resource-name>
> >>>> <url-pattern>/</url-pattern>
> >>>> </web-resource-collection>
> >>>> <auth-constraint/> <!-- BLOCK! -->
> >>>> </security-constraint>
> >>>>
> >>>> <!-- Setting admin access. -->
> >>>>  <security-constraint>
> >>>>    <web-resource-collection>
> >>>>    <web-resource-name>Solr authenticated
> application</web-resource-name>
> >>>>     <url-pattern>/admin/*</url-pattern>
> >>>>     <url-pattern>/core1/admin/*</url-pattern>
> >>>>    </web-resource-collection>
> >>>>    <auth-constraint>
> >>>>     <role-name>admin</role-name>
> >>>>     <role-name>FullAccess-role</role-name>
> >>>>    </auth-constraint>
> >>>> </security-constraint>
> >>>>
> >>>> <!-- this constraint has no auth constraint or data constraint =>
> allows
> >>>> without auth. -->
> >>>> <security-constraint>
> >>>> <web-resource-collection>
> >>>> <web-resource-name>AllowedQueries</web-resource-name>
> >>>>   <url-pattern>/core1/select/*</url-pattern>
> >>>> </web-resource-collection>
> >>>> </security-constraint>
> >>>>
> >>>> <login-config>
> >>>> <auth-method>BASIC</auth-method>
> >>>>   <realm-name>Test Realm</realm-name>
> >>>> </login-config>
> >>>> <security-role>
> >>>> <role-name>Admin-role</role-name>
> >>>> </security-role>
> >>>> <security-role>
> >>>> <role-name>FullAccess-role</role-name>
> >>>> </security-role>
> >>>> <security-role>
> >>>> <role-name>RW-role</role-name>
> >>>> </security-role>
> >>>>
> >>>>
> >>>> So Far Everything works good. I get a forbidden exception as soon as i
> >>>> try to commit documents in solr.
> >>>> but when i add the following security constraint tag in
> webdefault.xml,
> >>>>
> >>>> <!-- this constraint allows access to modify the data in the SOLR
> >>>> service, with basic auth -->
> >>>> <security-constraint>
> >>>> <web-resource-collection>
> >>>> <web-resource-name>RW</web-resource-name>
> >>>> <!-- the dataimport handler for each individual core -->
> >>>>   <url-pattern>/core1/dataimport</url-pattern>
> >>>> <!-- the update handler (XML over HTTP) for each individual core -->
> >>>>   <url-pattern>/core1/update/*</url-pattern>
> >>>> </web-resource-collection>
> >>>> <auth-constraint>
> >>>> <!-- Roles of users are defined int the properties file -->
> >>>> <!-- we allow users with rw-only access -->
> >>>> <role-name>RW-role</role-name>
> >>>> <!-- we allow users with full access -->
> >>>> <role-name>FullAccess-role</role-name>
> >>>> </auth-constraint>
> >>>> </security-constraint>
> >>>>
> >>>> I get the following exception:
> >>>>
> >>>> org.apache.solr.client.solrj.SolrServerException:
> >>>> org.apache.commons.httpclient.ProtocolException: Unbuffered entity
> enclosing
> >>>> request can not be repeated.
> >>>> at
> >>>>
> org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469)
> >>>> at
> >>>>
> org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:243)
> >>>> at
> >>>>
> org.apache.solr.client.solrj.request.AbstractUpdateRequest.process(AbstractUpdateRequest.java:105)
> >>>> at org.apache.solr.client.solrj.SolrServer.add(SolrServer.java:64)
> >>>> at Authentication.AuthenticationTest.main(AuthenticationTest.java:35)
> >>>> Caused by: org.apache.commons.httpclient.ProtocolException: Unbuffered
> >>>> entity enclosing request can not be repeated.
> >>>> at
> >>>>
> org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:487)
> >>>> at
> >>>>
> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
> >>>> at
> >>>>
> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> >>>> at
> >>>>
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> >>>> at
> >>>>
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> >>>> at
> >>>>
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> >>>> at
> >>>>
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
> >>>> at
> >>>>
> org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:416)
> >>>> ... 4 more
> >>>>
> >>>>
> >>>> My Java code is as follows:
> >>>> public class AuthenticationTest {
> >>>> public static void main(String[] args) {
> >>>> try {
> >>>> HttpClient client = new HttpClient();
> >>>> AuthScope scope = new
> AuthScope(AuthScope.ANY_HOST,AuthScope.ANY_PORT);
> >>>> client.getState().setCredentials(scope, new
> >>>> UsernamePasswordCredentials("rakhi","rakhi"));
> >>>>   SolrServer server = new CommonsHttpSolrServer("
> >>>> http://localhost:8983/solr/core1/",client);
> >>>>
> >>>> SolrQuery query = new SolrQuery();
> >>>> query.setQuery("*:*");
> >>>> QueryResponse response = server.query(query);
> >>>> System.out.println(response.getStatus());
> >>>>
> >>>> SolrInputDocument doc = new SolrInputDocument();
> >>>> doc.setField("aid", "0");
> >>>> doc.setField("rct", "Sample Data for authentication");
> >>>> server.add(doc);
> >>>> server.commit();
> >>>> } catch (MalformedURLException e) {
> >>>> // TODO Auto-generated catch block
> >>>> e.printStackTrace();
> >>>> } catch (SolrServerException e) {
> >>>> // TODO Auto-generated catch block
> >>>> e.printStackTrace();
> >>>> } catch (IOException e) {
> >>>> // TODO Auto-generated catch block
> >>>> e.printStackTrace();
> >>>> }
> >>>> }
> >>>> }
> >>>>
> >>>> Any Pointers?
> >>>> Regards,
> >>>> Raakhi Khatwani
> >>>>
> >>>
> >>>
> >>
> >
>
>
>
> --
> Lance Norskog
> goksron@gmail.com
>