Posted to commits@lucene.apache.org by md...@apache.org on 2020/05/04 21:51:48 UTC
[lucene-solr] branch master updated: SOLR-14014 Allow disabling
AdminUI at launch (#1471)
This is an automated email from the ASF dual-hosted git repository.
mdrob pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git
The following commit(s) were added to refs/heads/master by this push:
new 6f775bf SOLR-14014 Allow disabling AdminUI at launch (#1471)
6f775bf is described below
commit 6f775bfa69db5b2488ac3070e1da657919c816b9
Author: Marcus <ma...@gmail.com>
AuthorDate: Mon May 4 14:51:31 2020 -0700
SOLR-14014 Allow disabling AdminUI at launch (#1471)
---
solr/CHANGES.txt | 4 +++
solr/bin/solr | 10 ++++++-
solr/bin/solr.cmd | 8 ++++++
solr/bin/solr.in.cmd | 5 ++++
solr/bin/solr.in.sh | 5 +++-
.../apache/solr/servlet/LoadAdminUiServlet.java | 31 +++++++++++++---------
6 files changed, 48 insertions(+), 15 deletions(-)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 584ebaf..05c1bc3 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -67,6 +67,10 @@ Other Changes
* SOLR-14412: Automatically set urlScheme to https when running secure solr with embedded zookeeper. (Mike Drob)
Do not erroneously set solr.jetty.https.port system property when running in http mode (Upendra Penegalapati)
+* SOLR-14014: Introducing a system property that allows users to disable the Admin UI, which is enabled by default.
+ If you have security concerns or other reasons to disable the Admin UI, you can modify `SOLR_ADMIN_UI_DISABLED`
+ `solr.in.sh`/`solr.in.cmd` at start. (marcussorealheis)
+
================== 8.6.0 ==================
Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release.
diff --git a/solr/bin/solr b/solr/bin/solr
index 27e625f..0f57607 100755
--- a/solr/bin/solr
+++ b/solr/bin/solr
@@ -2097,6 +2097,14 @@ else
SECURITY_MANAGER_OPTS=()
fi
+# Enable ADMIN UI by default, and give the option for users to disable it
+if [ "$SOLR_ADMIN_UI_DISABLED" == "true" ]; then
+ SOLR_ADMIN_UI="-DdisableAdminUI=true"
+ echo -e "ADMIN UI Disabled"
+else
+ SOLR_ADMIN_UI="-DdisableAdminUI=false"
+fi
+
JAVA_MEM_OPTS=()
if [ -z "$SOLR_HEAP" ] && [ -n "$SOLR_JAVA_MEM" ]; then
JAVA_MEM_OPTS=($SOLR_JAVA_MEM)
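Review bot: The `else` branch always emits `-DdisableAdminUI=false`, and in the start_solr hunk of this file that argument is appended after `"${SOLR_OPTS[@]}"`, so a `-DdisableAdminUI=true` an operator puts in SOLR_OPTS is overridden because the JVM keeps the last definition of a repeated `-D`. Following the `SECURITY_MANAGER_OPTS=()` pattern just above avoids passing an explicit false at all: `SOLR_ADMIN_UI=("-DdisableAdminUI=true")` in the `then` branch, `SOLR_ADMIN_UI=()` in the `else` branch, and `"${SOLR_ADMIN_UI[@]}"` at the call site (an empty array expands to nothing, whereas the current empty-scalar alternative would pass an empty argument to java). The comparison is also exact-case: `SOLR_ADMIN_UI_DISABLED=True` silently leaves the UI enabled, while the Java side's `Boolean.parseBoolean` would have accepted it.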
@@ -2208,7 +2216,7 @@ function start_solr() {
# users who don't care about useful error msgs can override in SOLR_OPTS with +OmitStackTraceInFastThrow
"${SOLR_HOST_ARG[@]}" "-Duser.timezone=$SOLR_TIMEZONE" "-XX:-OmitStackTraceInFastThrow" \
"-Djetty.home=$SOLR_SERVER_DIR" "-Dsolr.solr.home=$SOLR_HOME" "-Dsolr.data.home=$SOLR_DATA_HOME" "-Dsolr.install.dir=$SOLR_TIP" \
- "-Dsolr.default.confdir=$DEFAULT_CONFDIR" "${LOG4J_CONFIG[@]}" "${SOLR_OPTS[@]}" "${SECURITY_MANAGER_OPTS[@]}")
+ "-Dsolr.default.confdir=$DEFAULT_CONFDIR" "${LOG4J_CONFIG[@]}" "${SOLR_OPTS[@]}" "${SECURITY_MANAGER_OPTS[@]}" "${SOLR_ADMIN_UI}")
if [ "$SOLR_MODE" == "solrcloud" ]; then
IN_CLOUD_MODE=" in SolrCloud mode"
diff --git a/solr/bin/solr.cmd b/solr/bin/solr.cmd
index 4b3f991..8001245 100755
--- a/solr/bin/solr.cmd
+++ b/solr/bin/solr.cmd
@@ -1199,6 +1199,13 @@ IF "%SOLR_SECURITY_MANAGER_ENABLED%"=="true" (
-Dsolr.internal.network.permission=*
)
+REM Enable ADMIN UI by default, and give the option for users to disable it
+IF "%SOLR_ADMIN_UI_DISABLED%"=="true" (
+ set DISABLE_ADMIN_UI="true"
+) else (
+ set DISABLE_ADMIN_UI="false"
+)
+
IF NOT "%SOLR_HEAP%"=="" set SOLR_JAVA_MEM=-Xms%SOLR_HEAP% -Xmx%SOLR_HEAP%
IF "%SOLR_JAVA_MEM%"=="" set SOLR_JAVA_MEM=-Xms512m -Xmx512m
IF "%SOLR_JAVA_STACK_SIZE%"=="" set SOLR_JAVA_STACK_SIZE=-Xss256k
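Review bot: `set DISABLE_ADMIN_UI="true"` stores the quote characters as part of the value, so the `set START_OPTS=%START_OPTS% -DdisableAdminUI=%DISABLE_ADMIN_UI%` line in the later hunk hands the launcher `-DdisableAdminUI="true"`; whether those quotes are stripped before `System.getProperty` sees the value depends on the launcher's argument parsing, and if they survive, `Boolean.parseBoolean` returns false and the UI stays enabled despite the setting. Drop them: `set DISABLE_ADMIN_UI=true` and `set DISABLE_ADMIN_UI=false`. The appended START_OPTS line also departs from the `set "START_OPTS=..."` quoting its neighbours use, and unlike bin/solr this launcher prints no confirmation when the UI is disabled, a small inconsistency between the two.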
@@ -1288,6 +1295,7 @@ REM '-OmitStackTraceInFastThrow' ensures stack traces in errors,
REM users who don't care about useful error msgs can override in SOLR_OPTS with +OmitStackTraceInFastThrow
set "START_OPTS=%START_OPTS% -XX:-OmitStackTraceInFastThrow"
set START_OPTS=%START_OPTS% !GC_TUNE! %GC_LOG_OPTS%
+set START_OPTS=%START_OPTS% -DdisableAdminUI=%DISABLE_ADMIN_UI%
IF NOT "!CLOUD_MODE_OPTS!"=="" set "START_OPTS=%START_OPTS% !CLOUD_MODE_OPTS!"
IF NOT "!IP_ACL_OPTS!"=="" set "START_OPTS=%START_OPTS% !IP_ACL_OPTS!"
IF NOT "%REMOTE_JMX_OPTS%"=="" set "START_OPTS=%START_OPTS% %REMOTE_JMX_OPTS%"
diff --git a/solr/bin/solr.in.cmd b/solr/bin/solr.in.cmd
index 45622d8..48a0a60 100755
--- a/solr/bin/solr.in.cmd
+++ b/solr/bin/solr.in.cmd
@@ -203,3 +203,8 @@ REM Runtime properties are passed to the security policy file (server\etc\securi
REM You can also tweak via standard JDK files such as ~\.java.policy, see https://s.apache.org/java8policy
REM This is experimental! It may not work at all with Hadoop/HDFS features.
REM set SOLR_SECURITY_MANAGER_ENABLED=true
+REM This variable provides you with the option to disable the Admin UI. if you uncomment the variable below and
+REM change the value to true. The option is configured as a system property as defined in SOLR_START_OPTS in the start
+REM scripts.
+REM set SOLR_ADMIN_UI_DISABLED=false
+
diff --git a/solr/bin/solr.in.sh b/solr/bin/solr.in.sh
index b13d208..b336a03 100644
--- a/solr/bin/solr.in.sh
+++ b/solr/bin/solr.in.sh
@@ -234,4 +234,7 @@
# You can also tweak via standard JDK files such as ~/.java.policy, see https://s.apache.org/java8policy
# This is experimental! It may not work at all with Hadoop/HDFS features.
#SOLR_SECURITY_MANAGER_ENABLED=true
-
+# This variable provides you with the option to disable the Admin UI. if you uncomment the variable below and
+# change the value to true. The option is configured as a system property as defined in SOLR_START_OPTS in the start
+# scripts.
+# SOLR_ADMIN_UI_DISABLED=false
diff --git a/solr/core/src/java/org/apache/solr/servlet/LoadAdminUiServlet.java b/solr/core/src/java/org/apache/solr/servlet/LoadAdminUiServlet.java
index 4476351..54d5924 100644
--- a/solr/core/src/java/org/apache/solr/servlet/LoadAdminUiServlet.java
+++ b/solr/core/src/java/org/apache/solr/servlet/LoadAdminUiServlet.java
@@ -15,6 +15,13 @@
* limitations under the License.
*/
package org.apache.solr.servlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStreamWriter;
+import java.io.Writer;
+import java.nio.charset.StandardCharsets;
import org.apache.commons.io.IOUtils;
import org.apache.commons.io.output.CloseShieldOutputStream;
@@ -24,15 +31,6 @@ import org.apache.solr.common.params.CommonParams;
import org.apache.solr.core.CoreContainer;
import org.apache.solr.core.SolrCore;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStreamWriter;
-import java.io.Writer;
-import java.nio.charset.StandardCharsets;
-
/**
* A simple servlet to load the Solr Admin UI
*
@@ -40,13 +38,20 @@ import java.nio.charset.StandardCharsets;
*/
public final class LoadAdminUiServlet extends BaseSolrServlet {
+ // check system properties for whether or not admin UI is disabled, default is false
+ private static final boolean disabled = Boolean.parseBoolean(System.getProperty("disableAdminUI", "false"));
+
@Override
- public void doGet(HttpServletRequest _request,
- HttpServletResponse _response)
- throws IOException {
+ public void doGet(HttpServletRequest _request, HttpServletResponse _response) throws IOException {
+ if(disabled){
+ _response.sendError(404, "Solr Admin UI is disabled. To enable it, change the default value of SOLR_ADMIN_UI_" +
+ "ENABLED in bin/solr.in.sh or solr.in.cmd.");
+ return;
+ }
HttpServletRequest request = SolrDispatchFilter.closeShield(_request, false);
HttpServletResponse response = SolrDispatchFilter.closeShield(_response, false);
-
+
+
response.addHeader("X-Frame-Options", "DENY"); // security: SOLR-7966 - avoid clickjacking for admin interface
// This attribute is set by the SolrDispatchFilter
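Review bot: The 404 message at the `_response.sendError` call names `SOLR_ADMIN_UI_ENABLED`, but every script in this commit (bin/solr, solr.cmd, solr.in.sh, solr.in.cmd) defines `SOLR_ADMIN_UI_DISABLED`, so an operator following the message will look for a variable that does not exist; change the string to `"Solr Admin UI is disabled. To enable it, set SOLR_ADMIN_UI_DISABLED to false (or leave it unset) in bin/solr.in.sh or solr.in.cmd."`. Judging from the diffstat, this servlet is the only server-side code gated by the property: whatever serves the UI's static assets and the admin request handlers the UI talks to is untouched, so the flag hides the entry page rather than disabling administrative access, which is worth stating on the field, e.g. `// Gates only this entry page; admin request handlers are unaffected.`. Minor: a `static final` is conventionally `ADMIN_UI_DISABLED`, and `HttpServletResponse.SC_NOT_FOUND` reads better than a bare `404`. doGet's body continues past the end of the hunk.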