RE: Re:Re: Implementing security.json is breaking ADDREPLICA

Oakley, Craig (NIH/NLM/NCBI) [C] Fri, 20 Nov 2015 10:05:47 -0800

Thank you again for the reply.

Below is the Email I was about to send prior to your reply a moment ago: shall 
I try again without "read" in the security.json?

The Collections API method was not discussed in the "Unleashed" class at the 
conference in DC in 2014 (probably because it was not yet available), so I was 
using the method I knew.

I have now tried again using admin/collections?action=CREATE (using different 
port numbers to avoid confusion from the failed previous attempts: the 
previously created nodes had been shutdown and their core.properties files 
renamed so as not to be discovered), but the results are the same:
INFO  - 2015-11-20 16:56:25.283; [c:xmpl3 s:shard1 r:core_node2 
x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy; Starting 
Replication Recovery.
INFO  - 2015-11-20 16:56:25.284; [c:xmpl3 s:shard1 r:core_node2 
x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy; Begin 
buffering updates.
INFO  - 2015-11-20 16:56:25.284; [c:xmpl3 s:shard1 r:core_node2 
x:xmpl3_shard1_replica2] org.apache.solr.update.UpdateLog; Starting to buffer 
updates. FSUpdateLog{state=ACTIVE, tlog=null}
INFO  - 2015-11-20 16:56:25.284; [c:xmpl3 s:shard1 r:core_node2 
x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy; Attempting to 
replicate from http://{IP-address-redacted}:4685/solr/xmpl3_shard1_replica1/.
ERROR - 2015-11-20 16:56:25.292; [c:xmpl3 s:shard1 r:core_node2 
x:xmpl3_shard1_replica2] org.apache.solr.common.SolrException; Error while 
trying to 
recover:org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: 
Error from server at 
http://{IP-address-redacted}:4685/solr/xmpl3_shard1_replica1: Expected mime 
type application/octet-stream but got text/html. <html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>Error 401 Unauthorized request, Response code: 401</title>
</head>
<body><h2>HTTP ERROR 401</h2>
<p>Problem accessing /solr/xmpl3_shard1_replica1/update. Reason:
<pre>    Unauthorized request, Response code: 
401</pre></p><hr><i><small>Powered by Jetty://</small></i><hr/>

</body>
</html>

        at 
org.apache.solr.client.solrj.impl.HttpSolrClient.executeMethod(HttpSolrClient.java:528)
        at 
org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:234)
        at 
org.apache.solr.client.solrj.impl.HttpSolrClient.request(HttpSolrClient.java:226)
        at 
org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:135)
        at 
org.apache.solr.client.solrj.SolrRequest.process(SolrRequest.java:152)
        at 
org.apache.solr.cloud.RecoveryStrategy.commitOnLeader(RecoveryStrategy.java:207)
        at 
org.apache.solr.cloud.RecoveryStrategy.replicate(RecoveryStrategy.java:147)
        at 
org.apache.solr.cloud.RecoveryStrategy.doRecovery(RecoveryStrategy.java:437)
        at org.apache.solr.cloud.RecoveryStrategy.run(RecoveryStrategy.java:227)

INFO  - 2015-11-20 16:56:25.292; [c:xmpl3 s:shard1 r:core_node2 
x:xmpl3_shard1_replica2] org.apache.solr.update.UpdateLog; Dropping buffered 
updates FSUpdateLog{state=BUFFERING, tlog=null}
ERROR - 2015-11-20 16:56:25.293; [c:xmpl3 s:shard1 r:core_node2 
x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy; Recovery 
failed - trying again... (2)
INFO  - 2015-11-20 16:56:25.293; [c:xmpl3 s:shard1 r:core_node2 
x:xmpl3_shard1_replica2] org.apache.solr.cloud.RecoveryStrategy; Wait 8.0 
seconds before trying to recover again (3)

Below is a list of the steps I took.

./zkcli.sh --zkhost localhost:4545 -cmd makepath /solr/xmpl3
./zkcli.sh --zkhost localhost:4545/solr/xmpl3 -cmd putfile /security.json 
~/solr/security151119a.json
./zkcli.sh --zkhost localhost:4545/solr/xmpl3 -cmd upconfig -confdir 
../../solr/configsets/basic_configs/conf -confname xmpl3
cd ../../../bin/
./solr -c -p 4695 -d ~dbman/solr/straight531outofbox/solr-5.3.1/server/ -z 
localhost:4545/solr/xmpl3 -s 
~dbman/solr/straight531outofbox/solr-5.3.1/example/solr
./solr -c -p 4685 -d ~dbman/solr/straight531outofbox/solr-5.3.1/server/ -z 
localhost:4545/solr/xmpl3 -s 
~dbman/solr/straight531outofbox/solr-5.3.1/server/solr
curl -u solr:SolrRocks 
'http://nosqltest11:4685/solr/admin/collections?action=CREATE&name=xmpl3&numShards=1&replicationFactor=1&createNodeSet={IP-address-redacted}:4685_solr'
curl -u solr:SolrRocks 
'http://nosqltest11:4685/solr/admin/collections?action=ADDREPLICA&collection=xmpl3&shard=shard1&node={IP-address-redacted}:4695_solr&wt=json&indent=true'

Can you provide a list of steps to take in an out-of-the-box directory tree 
whereby ADDREPLICA _will_ work with security.json already in place?

-----Original Message-----
From: Anshum Gupta [mailto:ans...@anshumgupta.net] 
Sent: Thursday, November 19, 2015 3:44 PM
To: solr-user@lucene.apache.org
Subject: Re: Re:Re: Implementing security.json is breaking ADDREPLICA

I'll try out what you did later in the day, as soon as I get time but why
exactly are you creating cores manually? Seems like you manually create a
core and the try to add a replica. Can you try using the Collections API to
create a collection?

Starting Solr 5.0, the only supported way to create a new collection is via
the Collections API. Creating a core would lead to a collection creation
but that's not really supported. It was just something that was done when
there were no Collections API.

On Thu, Nov 19, 2015 at 12:36 PM, Oakley, Craig (NIH/NLM/NCBI) [C] <
craig.oak...@nih.gov> wrote:

> I tried again with the following security.json, but the results were the
> same:
>
> {
>   "authentication":{
>     "class":"solr.BasicAuthPlugin",
>     "credentials":{
>       "solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=",
>       "solruser":"VgZX1TAMNHT2IJikoGdKtxQdXc+MbNwfqzf89YqcLEE=
> 37pPWQ9v4gciIKHuTmFmN0Rv66rnlMOFEWfEy9qjJfY="},
>     "":{"v":9}},
>   "authorization":{
>     "class":"solr.RuleBasedAuthorizationPlugin",
>     "user-role":{
>       "solr":[
>         "admin",
>         "read",
>         "xmpladmin",
>         "xmplgen",
>         "xmplsel"],
>       "solruser":[
>         "read",
>         "xmplgen",
>         "xmplsel"]},
>     "permissions":[
>       {
>         "name":"security-edit",
>         "role":"admin"},
>       {
>         "name":"xmpl_admin",
>         "collection":"xmpl",
>         "path":"/admin/*",
>         "role":"xmpladmin"},
>       {
>         "name":"xmpl_sel",
>         "collection":"xmpl",
>         "path":"/select/*",
>         "role":null},
>       {
>          "name":"all-admin",
>          "collection":null,
>          "path":"/*",
>          "role":"xmplgen"},
>       {
>          "name":"all-core-handlers",
>          "path":"/*",
>          "role":"xmplgen"}],
>     "":{"v":42}}}
>
> -----Original Message-----
> From: Oakley, Craig (NIH/NLM/NCBI) [C]
> Sent: Thursday, November 19, 2015 1:46 PM
> To: 'solr-user@lucene.apache.org' <solr-user@lucene.apache.org>
> Subject: RE: Re:Re: Implementing security.json is breaking ADDREPLICA
>
> I note that the thread called "Security Problems" (most recent post by
> Nobel Paul) seems like it may help with much of what I'm trying to do. I
> will see to what extent that may help.
>

-- 
Anshum Gupta

RE: Re:Re: Implementing security.json is breaking ADDREPLICA

Reply via email to