Discussion:
post.jar with security.json
Oakley, Craig (NIH/NLM/NCBI) [C]
2015-12-24 19:11:38 UTC
Permalink
In the old jetty-based implementation of Basic Authentication, one could use post.jar by running something like

java -Durl="http://user:***@host:8983/solr/corename/update" -Dtype=application/xml -jar post.jar example.xml

By what mechanism does one pass in the user name and password to post.jar (or, I suppose more likely, to solr-5.4.0/bin/post) when using security.json?

Thanks
Oakley, Craig (NIH/NLM/NCBI) [C]
2015-12-29 17:24:58 UTC
Permalink
Or to put it another way, how does one get security.json to work with SOLR-5960?

Has anyone any suggestions?

-----Original Message-----
From: Oakley, Craig (NIH/NLM/NCBI) [C]
Sent: Thursday, December 24, 2015 2:12 PM
To: 'solr-***@lucene.apache.org' <solr-***@lucene.apache.org>
Subject: post.jar with security.json

In the old jetty-based implementation of Basic Authentication, one could use post.jar by running something like

java -Durl="http://user:***@host:8983/solr/corename/update" -Dtype=application/xml -jar post.jar example.xml

By what mechanism does one pass in the user name and password to post.jar (or, I suppose more likely, to solr-5.4.0/bin/post) when using security.json?

Thanks
e***@lucidworks.com
2015-12-29 17:53:56 UTC
Permalink
Hi Craig,

To pass the username and password, you'll want to enable authorization and authentication in security.json as is mentioned in this blog post in step 1 of "Enabling Basic Authentication".

https://lucidworks.com/blog/2015/08/17/securing-solr-basic-auth--rules/

Is this what you're looking for?

Thanks,

Esther Quansah
Post by Oakley, Craig (NIH/NLM/NCBI) [C]
Or to put it another way, how does one get security.json to work with SOLR-5960?
Has anyone any suggestions?
-----Original Message-----
From: Oakley, Craig (NIH/NLM/NCBI) [C]
Sent: Thursday, December 24, 2015 2:12 PM
Subject: post.jar with security.json
In the old jetty-based implementation of Basic Authentication, one could use post.jar by running something like
By what mechanism does one pass in the user name and password to post.jar (or, I suppose more likely, to solr-5.4.0/bin/post) when using security.json?
Thanks
Oakley, Craig (NIH/NLM/NCBI) [C]
2015-12-29 18:14:18 UTC
Permalink
I do have authorization and authentication setup in security.json: the question is how to pass the login and password into post.jar and/or into solr-5.4.0/bin/post -- it does not seem to like the user:***@host:8983/solr/corename/update syntax from SOLR-5960: when I try that, it complains "SimplePostTool: FATAL: Connection error (is Solr running at http://user:***@hostname:8983/solr/five4a/update ?): java.net.ConnectException: Connection refused", and nothing shows up in solr.log (although I do set log4j.logger.org.eclipse.jetty.server.Server=DEBUG to check for 401 errors, etc).

FYI, I get a 404 from the link you sited: perhaps I don't have access, or perhaps you meant https://lucidworks.com/blog/2015/08/17/securing-solr-basic-auth-permission-rules (although that doesn't mention post.jar)

-----Original Message-----
From: ***@lucidworks.com [mailto:***@lucidworks.com]
Sent: Tuesday, December 29, 2015 12:54 PM
To: solr-***@lucene.apache.org
Subject: Re: post.jar with security.json

Hi Craig,

To pass the username and password, you'll want to enable authorization and authentication in security.json as is mentioned in this blog post in step 1 of "Enabling Basic Authentication".

https://lucidworks.com/blog/2015/08/17/securing-solr-basic-auth--rules/

Is this what you're looking for?

Thanks,

Esther Quansah
Post by Oakley, Craig (NIH/NLM/NCBI) [C]
Or to put it another way, how does one get security.json to work with SOLR-5960?
Has anyone any suggestions?
-----Original Message-----
From: Oakley, Craig (NIH/NLM/NCBI) [C]
Sent: Thursday, December 24, 2015 2:12 PM
Subject: post.jar with security.json
In the old jetty-based implementation of Basic Authentication, one could use post.jar by running something like
By what mechanism does one pass in the user name and password to post.jar (or, I suppose more likely, to solr-5.4.0/bin/post) when using security.json?
Upayavira
2015-12-29 19:10:32 UTC
Permalink
You will probably find that the SimplePostTool (aka post.jar) has not
been updated to take into account security.json functionality.

Thus, the way to do this would be to look at the source code (it will
just use SolrJ to connect to Solr) and make enhancements to get it to
work (or if you're not familiar with Java, get someone else to do it).
Unfortunately, that is the nature of open source - there's so many such
features that *could* be extended, they tend to get the feature when
someone actually needs it.

Upayavira

On Tue, Dec 29, 2015, at 06:14 PM, Oakley, Craig (NIH/NLM/NCBI) [C]
Post by Oakley, Craig (NIH/NLM/NCBI) [C]
I do have authorization and authentication setup in security.json: the
question is how to pass the login and password into post.jar and/or into
solr-5.4.0/bin/post -- it does not seem to like the
try that, it complains "SimplePostTool: FATAL: Connection error (is Solr
java.net.ConnectException: Connection refused", and nothing shows up in
solr.log (although I do set
log4j.logger.org.eclipse.jetty.server.Server=DEBUG to check for 401
errors, etc).
FYI, I get a 404 from the link you sited: perhaps I don't have access, or
perhaps you meant
https://lucidworks.com/blog/2015/08/17/securing-solr-basic-auth-permission-rules
(although that doesn't mention post.jar)
-----Original Message-----
Sent: Tuesday, December 29, 2015 12:54 PM
Subject: Re: post.jar with security.json
Hi Craig,
To pass the username and password, you'll want to enable authorization
and authentication in security.json as is mentioned in this blog post in
step 1 of "Enabling Basic Authentication".
https://lucidworks.com/blog/2015/08/17/securing-solr-basic-auth--rules/
Is this what you're looking for?
Thanks,
Esther Quansah
Post by Oakley, Craig (NIH/NLM/NCBI) [C]
Or to put it another way, how does one get security.json to work with SOLR-5960?
Has anyone any suggestions?
-----Original Message-----
From: Oakley, Craig (NIH/NLM/NCBI) [C]
Sent: Thursday, December 24, 2015 2:12 PM
Subject: post.jar with security.json
In the old jetty-based implementation of Basic Authentication, one could use post.jar by running something like
By what mechanism does one pass in the user name and password to post.jar (or, I suppose more likely, to solr-5.4.0/bin/post) when using security.json?
Thanks
Oakley, Craig (NIH/NLM/NCBI) [C]
2016-07-11 14:44:34 UTC
Permalink
FYI

After some time, we revisited this issue, and found that post.jar *DOES* work with security.json after all.

My test of whether or not it would work happened to have a typo in the port number; and I misinterpreted the error message as an erroneous indication that post.jar would not work with security.json -- as it turns out, it *DOES* work

Sorry for the confusion

-----Original Message-----
From: Upayavira [mailto:***@odoko.co.uk]
Sent: Tuesday, December 29, 2015 2:11 PM
To: solr-***@lucene.apache.org
Subject: Re: post.jar with security.json

You will probably find that the SimplePostTool (aka post.jar) has not
been updated to take into account security.json functionality.

Thus, the way to do this would be to look at the source code (it will
just use SolrJ to connect to Solr) and make enhancements to get it to
work (or if you're not familiar with Java, get someone else to do it).
Unfortunately, that is the nature of open source - there's so many such
features that *could* be extended, they tend to get the feature when
someone actually needs it.

Upayavira

On Tue, Dec 29, 2015, at 06:14 PM, Oakley, Craig (NIH/NLM/NCBI) [C]
Post by Oakley, Craig (NIH/NLM/NCBI) [C]
I do have authorization and authentication setup in security.json: the
question is how to pass the login and password into post.jar and/or into
solr-5.4.0/bin/post -- it does not seem to like the
try that, it complains "SimplePostTool: FATAL: Connection error (is Solr
java.net.ConnectException: Connection refused", and nothing shows up in
solr.log (although I do set
log4j.logger.org.eclipse.jetty.server.Server=DEBUG to check for 401
errors, etc).
FYI, I get a 404 from the link you sited: perhaps I don't have access, or
perhaps you meant
https://lucidworks.com/blog/2015/08/17/securing-solr-basic-auth-permission-rules
(although that doesn't mention post.jar)
-----Original Message-----
Sent: Tuesday, December 29, 2015 12:54 PM
Subject: Re: post.jar with security.json
Hi Craig,
To pass the username and password, you'll want to enable authorization
and authentication in security.json as is mentioned in this blog post in
step 1 of "Enabling Basic Authentication".
https://lucidworks.com/blog/2015/08/17/securing-solr-basic-auth--rules/
Is this what you're looking for?
Thanks,
Esther Quansah
Post by Oakley, Craig (NIH/NLM/NCBI) [C]
Or to put it another way, how does one get security.json to work with SOLR-5960?
Has anyone any suggestions?
-----Original Message-----
From: Oakley, Craig (NIH/NLM/NCBI) [C]
Sent: Thursday, December 24, 2015 2:12 PM
Subject: post.jar with security.json
In the old jetty-based implementation of Basic Authentication, one could use post.jar by running something like
By what mechanism does one pass in the user name and password to post.jar (or, I suppose more likely, to solr-5.4.0/bin/post) when using security.json?
Thanks
Loading...