Solr Admin Page authentication

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Solr Admin Page authentication

Marcin Rzewucki
Hi,

Does anybody know if SOLR supports Admin Page authentication ?
I'm using Jetty from the latest solr package. I added security option to
start.ini:
OPTIONS=Server,webapp,security

and in configuration file I have (according to Jetty documentation):
    <!-- =========================================================== -->
    <!-- Configure Authentication Login Service                      -->
    <!-- =========================================================== -->
    <Call name="addBean">
      <Arg>
        <New class="org.eclipse.jetty.security.HashLoginService">
          <Set name="name">Test Realm</Set>
          <Set name="config"><Property name="jetty.home"
default="."/>/etc/realm.properties</Set>
          <Set name="refreshInterval">0</Set>
        </New>
      </Arg>
    </Call>

However, it does not seem to be working. Is something missing or it won't
work for Solr ?

Kind regards.
Reply | Threaded
Open this post in threaded view
|

Re: Solr Admin Page authentication

Michael Long
It doesn't... you would have to do this with jetty or tomcat. But I
noticed with 4.0 it no longer lives under /admin but rather /solr...and
that means you can't just password-protect it without
password-protecting all of solr. If I am wrong, please let me know...I
would love to protect it somehow

On 11/16/2012 10:55 AM, Marcin Rzewucki wrote:

> Hi,
>
> Does anybody know if SOLR supports Admin Page authentication ?
> I'm using Jetty from the latest solr package. I added security option to
> start.ini:
> OPTIONS=Server,webapp,security
>
> and in configuration file I have (according to Jetty documentation):
>      <!-- =========================================================== -->
>      <!-- Configure Authentication Login Service                      -->
>      <!-- =========================================================== -->
>      <Call name="addBean">
>        <Arg>
>          <New class="org.eclipse.jetty.security.HashLoginService">
>            <Set name="name">Test Realm</Set>
>            <Set name="config"><Property name="jetty.home"
> default="."/>/etc/realm.properties</Set>
>            <Set name="refreshInterval">0</Set>
>          </New>
>        </Arg>
>      </Call>
>
> However, it does not seem to be working. Is something missing or it won't
> work for Solr ?
>
> Kind regards.
>

Reply | Threaded
Open this post in threaded view
|

Re: Solr Admin Page authentication

Alexandre Rafalovitch
The UI is under Solr, but actual operations I think are still under
 /solr/admin and /solr/corename/admin :
  <requestHandler name="/admin/"  class="solr.admin.AdminHandlers" />

I wonder if it is possible to protect those resources and whether the
browser will pop-up the authentication on first access (even if from AJAX
call). Or it might be possible to have a fake resource loading from that
area to force auth request?

Regards,
   Alex.


Personal blog: http://blog.outerthoughts.com/
LinkedIn: http://www.linkedin.com/in/alexandrerafalovitch
- Time is the quality of nature that keeps events from happening all at
once. Lately, it doesn't seem to be working.  (Anonymous  - via GTD book)


On Fri, Nov 16, 2012 at 11:32 AM, Michael Long <[hidden email]>wrote:

> It doesn't... you would have to do this with jetty or tomcat. But I
> noticed with 4.0 it no longer lives under /admin but rather /solr...and
> that means you can't just password-protect it without password-protecting
> all of solr. If I am wrong, please let me know...I would love to protect it
> somehow
>
>
> On 11/16/2012 10:55 AM, Marcin Rzewucki wrote:
>
>> Hi,
>>
>> Does anybody know if SOLR supports Admin Page authentication ?
>> I'm using Jetty from the latest solr package. I added security option to
>> start.ini:
>> OPTIONS=Server,webapp,security
>>
>> and in configuration file I have (according to Jetty documentation):
>>      <!-- ==============================**=============================
>> -->
>>      <!-- Configure Authentication Login Service                      -->
>>      <!-- ==============================**=============================
>> -->
>>      <Call name="addBean">
>>        <Arg>
>>          <New class="org.eclipse.jetty.**security.HashLoginService">
>>            <Set name="name">Test Realm</Set>
>>            <Set name="config"><Property name="jetty.home"
>> default="."/>/etc/realm.**properties</Set>
>>            <Set name="refreshInterval">0</Set>
>>          </New>
>>        </Arg>
>>      </Call>
>>
>> However, it does not seem to be working. Is something missing or it won't
>> work for Solr ?
>>
>> Kind regards.
>>
>>
>
Reply | Threaded
Open this post in threaded view
|

Re: Solr Admin Page authentication

Stefan Matheis-2
Alex


On Friday, November 16, 2012 at 5:44 PM, Alexandre Rafalovitch wrote:

> I wonder if it is possible to protect those resources and whether the
> browser will pop-up the authentication on first access (even if from AJAX
> call). Or it might be possible to have a fake resource loading from that
> area to force auth request?

The AJAX Calls will silently fail - the server is simply responding with an 401, but not more. Of course you can setup an error handler for that case, but you have to do the whole authentication management yourself (the browser doesn't help you while using AJAX Calls, i'm afraid)

Stefan
Reply | Threaded
Open this post in threaded view
|

Re: Solr Admin Page authentication

Marcin Rzewucki
In reply to this post by Michael Long
Hi,

Yes, I'm trying to add authentication to Jetty (for solr4), according to
this wiki page:
http://wiki.apache.org/solr/SolrSecurity

Does it work for you ?

On 16 November 2012 17:32, Michael Long <[hidden email]> wrote:

> It doesn't... you would have to do this with jetty or tomcat. But I
> noticed with 4.0 it no longer lives under /admin but rather /solr...and
> that means you can't just password-protect it without password-protecting
> all of solr. If I am wrong, please let me know...I would love to protect it
> somehow
>
>
> On 11/16/2012 10:55 AM, Marcin Rzewucki wrote:
>
>> Hi,
>>
>> Does anybody know if SOLR supports Admin Page authentication ?
>> I'm using Jetty from the latest solr package. I added security option to
>> start.ini:
>> OPTIONS=Server,webapp,security
>>
>> and in configuration file I have (according to Jetty documentation):
>>      <!-- ==============================**=============================
>> -->
>>      <!-- Configure Authentication Login Service                      -->
>>      <!-- ==============================**=============================
>> -->
>>      <Call name="addBean">
>>        <Arg>
>>          <New class="org.eclipse.jetty.**security.HashLoginService">
>>            <Set name="name">Test Realm</Set>
>>            <Set name="config"><Property name="jetty.home"
>> default="."/>/etc/realm.**properties</Set>
>>            <Set name="refreshInterval">0</Set>
>>          </New>
>>        </Arg>
>>      </Call>
>>
>> However, it does not seem to be working. Is something missing or it won't
>> work for Solr ?
>>
>> Kind regards.
>>
>>
>
Reply | Threaded
Open this post in threaded view
|

Re: Solr Admin Page authentication

Marcin Rzewucki
Hi,

I added authentication in Jetty and it works fine. However, it's strange
that url pattern like "/admin/cores*" is not working, but "/admin/*" works
correct.

Regards.

On 17 November 2012 01:10, Marcin Rzewucki <[hidden email]> wrote:

> Hi,
>
> Yes, I'm trying to add authentication to Jetty (for solr4), according to
> this wiki page:
> http://wiki.apache.org/solr/SolrSecurity
>
> Does it work for you ?
>
>
> On 16 November 2012 17:32, Michael Long <[hidden email]> wrote:
>
>> It doesn't... you would have to do this with jetty or tomcat. But I
>> noticed with 4.0 it no longer lives under /admin but rather /solr...and
>> that means you can't just password-protect it without password-protecting
>> all of solr. If I am wrong, please let me know...I would love to protect it
>> somehow
>>
>>
>> On 11/16/2012 10:55 AM, Marcin Rzewucki wrote:
>>
>>> Hi,
>>>
>>> Does anybody know if SOLR supports Admin Page authentication ?
>>> I'm using Jetty from the latest solr package. I added security option to
>>> start.ini:
>>> OPTIONS=Server,webapp,security
>>>
>>> and in configuration file I have (according to Jetty documentation):
>>>      <!-- ==============================**=============================
>>> -->
>>>      <!-- Configure Authentication Login Service                      -->
>>>      <!-- ==============================**=============================
>>> -->
>>>      <Call name="addBean">
>>>        <Arg>
>>>          <New class="org.eclipse.jetty.**security.HashLoginService">
>>>            <Set name="name">Test Realm</Set>
>>>            <Set name="config"><Property name="jetty.home"
>>> default="."/>/etc/realm.**properties</Set>
>>>            <Set name="refreshInterval">0</Set>
>>>          </New>
>>>        </Arg>
>>>      </Call>
>>>
>>> However, it does not seem to be working. Is something missing or it won't
>>> work for Solr ?
>>>
>>> Kind regards.
>>>
>>>
>>
>