Hi all, I'm new to Solr, and I'm trying to set up authentication so each core will have a Jetty user specifically able to use that core as well an administrator with access to all cores and the administration dashboard. I'm using start.jar from the Solr download to start Jetty.
I set up the realm.properties files with two users: SpecificUser: pw4specificUser, specific-role > Administrator: pw4administrator, administrator-role I've got the following in webdefault.xml: <security-constraint> > <web-resource-collection> > <web-resource-name>Specific Core</web-resource-name> > <url-pattern>/solr/specificCore/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>administrator-role,specific-role</role-name> > <!-- or > <role-name>administrator-role</role-name> > <role-name>specific-role</role-name> > --> > </auth-constraint> > </security-constraint> > <security-constraint> > <web-resource-collection> > <web-resource-name>Solr Instance</web-resource-name> > <url-pattern>/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>administrator-role</role-name> > </auth-constraint> > </security-constraint> > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>Solr Instance</realm-name> > </login-config> When I try to access the admin page or a make a request to a core as the administrator, I get in, but if I log in as the specific user, I get: Problem accessing /solr/specificCore/select. Reason: > !role Any ideas? My next step will be to encrypt the passwords using the directions at http://wiki.eclipse.org/Jetty/Howto/Secure_Passwords. Thanks, Don -- Don Lavelle Systems Programmer Division of Information Technology | Information Systems Stony Brook University
