[jira] [Created] (SOLR-14569) HTTP 401 when searching on alias in secured Solr

Sun, 14 Jun 2020 14:01:15 -0700 

Isabelle Giguere created SOLR-14569:
---------------------------------------

             Summary: HTTP 401 when searching on alias in secured Solr
                 Key: SOLR-14569
                 URL: https://issues.apache.org/jira/browse/SOLR-14569
             Project: Solr
          Issue Type: Bug
      Security Level: Public (Default Security Level. Issues are Public)
          Components: Authentication
    Affects Versions: 8.5, master (9.0)
         Environment: Unit test on master branch (9x) built on Windows 10 with 
Java 11
Solr 8.5.0 instance running on CentOS 7.7 with Java 11
            Reporter: Isabelle Giguere


The issue was first noticed on an instance of Solr 8.5.0, after securing Solr 
with security.json.

Searching on a single collection returns the expected results, but searching on 
an alias returns HTTP 401.

Note that this issue is not reproduced when the collections are created using 
the _default configuration.

The attached patch includes a unit test that reproduces the issue.  The unit 
test is added to the test class that was originally part of the patch to fix 
SOLR-13510.

I also attach:
- our product-specific Solr configuration, modified to remove irrelevant 
plugins and fields
- security.json with user 'admin' (pwd 'admin')
-- Note that forwardCredentials true or false does not modify the behavior

To test with this configuration:
- Download and unzip Solr 8.5.0
- Modify ./bin/solr.in.sh : 
-- ZK_HOST (optional)
-- SOLR_AUTH_TYPE="basic"
-- SOLR_AUTHENTICATION_OPTS="-Dbasicauth=admin:admin"
- Upload security.json into Zookeeper
-- ./bin/solr zk cp file:/path/to/security.json zk:/path/to/solr/security.json 
[-z <zk_host>:<zk_port>[/<solr>]]
- Start Solr in cloud mode
-- ./bin/solr -c
- Upload the provided configuration
- ./bin/solr zk upconfig -z <zk_host>:<zk_port>[/<solr>] -n conf_en -d 
/path/to/folder/conf/
- Create 2 collections using the uploaded configuration
-- test1, test2
- Create an alias grouping the 2 collections
-- test = test1, test2
- Query (/select?q=*:*) one collection
-- results in successful Solr response
- Query the alias (/select?q=*:*)
-- results in HTTP 401






--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org

Reply via email to