You are viewing a plain text version of this content. The canonical link for it is here.
Posted to solr-user@lucene.apache.org by Terry Steichen <te...@net-frame.com> on 2018/03/30 02:28:48 UTC
Resetting Authentication/Authorization
When I set up the initial authentications and authorizations (I'm using
6.6.0 and running in cloud mode.), I call "bin/solr auth enable
-credentials xxx:yyy". I then use a series of additional API calls ( to
create additional users and permissions). This creates my desired
security environment (and, BTW, it seems to function as it should).
If I restart solr, it appears I must reactivate it with the same
'bin/solr auth enable -credentials xxx:yyy' command. But, it seems that
when solr is restarted this way, only the authorizations are retained
persistently. But the authentications have to be created again from
scratch.
I would like to (somehow) capture the authentication/authorization
information (probably in a security.json file?) and then (somehow)
reload it when there's a restart.
Can that be done?
Re: Resetting Authentication/Authorization
Posted by Shawn Heisey <ap...@elyograg.org>.
On 3/29/2018 8:28 PM, Terry Steichen wrote:
> When I set up the initial authentications and authorizations (I'm using
> 6.6.0 and running in cloud mode.), I call "bin/solr auth enable
> -credentials xxx:yyy".
What does this command output? There should definitely be something
output when that command is run. I don't know if it will be a lot of
output or a little bit, but whatever it is, can you provide it?
> I then use a series of additional API calls ( to
> create additional users and permissions). This creates my desired
> security environment (and, BTW, it seems to function as it should).
Can you elaborate on exactly what you did when you say "a series of
additional API calls"?
> If I restart solr, it appears I must reactivate it with the same
> 'bin/solr auth enable -credentials xxx:yyy' command. But, it seems that
> when solr is restarted this way, only the authorizations are retained
> persistently. But the authentications have to be created again from
> scratch.
Enabling the authentication when running in cloud mode should upload a
"security.json" file to zookeeper. It should also write some variables
to your solr.in.sh file, so that future usage of the bin/solr tool can
provide the authentication that is required.
Thanks,
Shawn