SolrCloud + Basic Auth : Runtime error in periodic deletion of expired docs

Mon, 11 Jul 2016 04:17:18 -0700 

Hello,

I need to secure solr, no access allowed except for user solr, so I tried to 
set-up authentication & authorization.
Everything seems to work fine, only solr user can read or modify a collection, 
but every 5 minutes this error appears in the log file of 1 instance.

2016-07-07 16:57:52,075 [autoExpireDocs-13-thread-1] ERROR [c:ranger_audits 
s:shard1 r:core_node1 x:ranger_audits_shard1_replica1] 
org.apache.solr.update.processor.DocExpirationUpdateProcessorFactory$DeleteExpiredDocsRunnable
 (DocExpirationUpdateProcessorFactory.java:424) - Runtime error in periodic 
deletion of expired docs: Async exception during distributed update: 
Unauthorized request, Response code: 401

On the other node, I found these kind of messages : 2016-07-08 09:25:26,177 
[qtp99747242-134527] INFO  [c:ranger_audits s:shard2 r:core_node2 
x:ranger_audits_shard2_replica1] 
org.apache.solr.security.RuleBasedAuthorizationPlugin
(RuleBasedAuthorizationPlugin.java:146) - request has come without principal. 
failed permission {   "name":"core-admin-read ",   "role":"admin"}


The setup is : 2 SolrCloud instances version 6.1 using an external Zookeeper, 1 
collection of 2 shards distributed on the 2 instances with replication factor 
set to 1.
Here is my security.json file :
{
"authentication":{
   "blockUnknown": false,
   "class":"solr.BasicAuthPlugin",
   "credentials":{"solr":"#############################"}
},
"authorization":{
   "class":"solr.RuleBasedAuthorizationPlugin",
   "permissions":[
       {"name":"security-edit", "role":"admin"},
       {"name":"security-read", "role":"admin"},
       {"name":"schema-edit", "role":"admin"},
       {"name":"schema-read", "role":"admin"},
       {"name":"config-edit", "role":"admin"},
       {"name":"core-admin-read ", "role":"admin"},
       {"name":"core-admin-edit", "role":"admin"},
       {"name":"config-read", "role":"admin"},
       {"name":"collection-admin-edit", "role":"admin"},
       {"name":"collection-admin-read", "role":"admin"},
       {"name":"update", "role":"admin"},
       {"name":"read", "role":"admin"},
       {"name":"all", "role":"admin"}
       ],
   "user-role":{"solr":"admin"}
}}


Any help will be much appreciated.

Regards,
Greg

Reply via email to