PS: I am using solr 1.4 Regards, Raakhi
On Wed, Jun 30, 2010 at 12:05 PM, Rakhi Khatwani <rkhatw...@gmail.com>wrote: > Hi, > I am trying out solr security on my setup from the following links: > http://wiki.apache.org/solr/SolrSecurity > > http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores > > Following is my configuration: > > realms.properties: > admin: admin,server-administrator,content-administrator,admin > other: OBF:1xmk1w261u9r1w1c1xmq > guest: guest,read-only > rakhi: rakhi,RW-role > > jetty.xml: > ... > <Set name="UserRealms"> > <Array type="org.mortbay.jetty.security.UserRealm"> > <Item> > <New class="org.mortbay.jetty.security.HashUserRealm"> > <Set name="name">Test Realm</Set> > <Set name="config"><SystemProperty name="jetty.home" > default="."/>/etc/realm.properties</Set> > </New> > </Item> > </Array> > </Set> > > ... > > WebDefault.xml: > <!-- block by default. --> > <security-constraint> > <web-resource-collection> > <web-resource-name>Default</web-resource-name> > <url-pattern>/</url-pattern> > </web-resource-collection> > <auth-constraint/> <!-- BLOCK! --> > </security-constraint> > > <!-- Setting admin access. --> > <security-constraint> > <web-resource-collection> > <web-resource-name>Solr authenticated application</web-resource-name> > <url-pattern>/admin/*</url-pattern> > <url-pattern>/core1/admin/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>admin</role-name> > <role-name>FullAccess-role</role-name> > </auth-constraint> > </security-constraint> > > <!-- this constraint has no auth constraint or data constraint => allows > without auth. --> > <security-constraint> > <web-resource-collection> > <web-resource-name>AllowedQueries</web-resource-name> > <url-pattern>/core1/select/*</url-pattern> > </web-resource-collection> > </security-constraint> > > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>Test Realm</realm-name> > </login-config> > <security-role> > <role-name>Admin-role</role-name> > </security-role> > <security-role> > <role-name>FullAccess-role</role-name> > </security-role> > <security-role> > <role-name>RW-role</role-name> > </security-role> > > > So Far Everything works good. I get a forbidden exception as soon as i try > to commit documents in solr. > but when i add the following security constraint tag in webdefault.xml, > > <!-- this constraint allows access to modify the data in the SOLR service, > with basic auth --> > <security-constraint> > <web-resource-collection> > <web-resource-name>RW</web-resource-name> > <!-- the dataimport handler for each individual core --> > <url-pattern>/core1/dataimport</url-pattern> > <!-- the update handler (XML over HTTP) for each individual core --> > <url-pattern>/core1/update/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <!-- Roles of users are defined int the properties file --> > <!-- we allow users with rw-only access --> > <role-name>RW-role</role-name> > <!-- we allow users with full access --> > <role-name>FullAccess-role</role-name> > </auth-constraint> > </security-constraint> > > I get the following exception: > > org.apache.solr.client.solrj.SolrServerException: > org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing > request can not be repeated. > at > org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469) > at > org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:243) > at > org.apache.solr.client.solrj.request.AbstractUpdateRequest.process(AbstractUpdateRequest.java:105) > at org.apache.solr.client.solrj.SolrServer.add(SolrServer.java:64) > at Authentication.AuthenticationTest.main(AuthenticationTest.java:35) > Caused by: org.apache.commons.httpclient.ProtocolException: Unbuffered > entity enclosing request can not be repeated. > at > org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:487) > at > org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) > at > org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) > at > org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) > at > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) > at > org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:416) > ... 4 more > > > My Java code is as follows: > public class AuthenticationTest { > public static void main(String[] args) { > try { > HttpClient client = new HttpClient(); > AuthScope scope = new AuthScope(AuthScope.ANY_HOST,AuthScope.ANY_PORT); > client.getState().setCredentials(scope, new > UsernamePasswordCredentials("rakhi","rakhi")); > SolrServer server = new CommonsHttpSolrServer(" > http://localhost:8983/solr/core1/",client); > > SolrQuery query = new SolrQuery(); > query.setQuery("*:*"); > QueryResponse response = server.query(query); > System.out.println(response.getStatus()); > > SolrInputDocument doc = new SolrInputDocument(); > doc.setField("aid", "0"); > doc.setField("rct", "Sample Data for authentication"); > server.add(doc); > server.commit(); > } catch (MalformedURLException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } catch (SolrServerException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } catch (IOException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > } > } > > Any Pointers? > Regards, > Raakhi Khatwani >
