lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rakhi Khatwani <rkhatw...@gmail.com>
Subject Re: Unbuffered Exception while setting permissions
Date Wed, 30 Jun 2010 06:57:46 GMT
PS: I am using solr 1.4

Regards,
Raakhi

On Wed, Jun 30, 2010 at 12:05 PM, Rakhi Khatwani <rkhatwani@gmail.com>wrote:

> Hi,
>        I am trying out solr security on my setup from the following links:
> http://wiki.apache.org/solr/SolrSecurity
>
> http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores
>
> Following is my configuration:
>
> realms.properties:
> admin: admin,server-administrator,content-administrator,admin
> other: OBF:1xmk1w261u9r1w1c1xmq
> guest: guest,read-only
> rakhi: rakhi,RW-role
>
> jetty.xml:
> ...
> <Set name="UserRealms">
> <Array type="org.mortbay.jetty.security.UserRealm">
> <Item>
> <New class="org.mortbay.jetty.security.HashUserRealm">
>   <Set name="name">Test Realm</Set>
> <Set name="config"><SystemProperty name="jetty.home"
> default="."/>/etc/realm.properties</Set>
> </New>
> </Item>
> </Array>
> </Set>
>
> ...
>
> WebDefault.xml:
> <!-- block by default. -->
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Default</web-resource-name>
> <url-pattern>/</url-pattern>
> </web-resource-collection>
> <auth-constraint/> <!-- BLOCK! -->
> </security-constraint>
>
> <!-- Setting admin access. -->
>  <security-constraint>
>    <web-resource-collection>
>    <web-resource-name>Solr authenticated application</web-resource-name>
>     <url-pattern>/admin/*</url-pattern>
>     <url-pattern>/core1/admin/*</url-pattern>
>    </web-resource-collection>
>    <auth-constraint>
>     <role-name>admin</role-name>
>     <role-name>FullAccess-role</role-name>
>    </auth-constraint>
> </security-constraint>
>
> <!-- this constraint has no auth constraint or data constraint => allows
> without auth. -->
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>AllowedQueries</web-resource-name>
>   <url-pattern>/core1/select/*</url-pattern>
> </web-resource-collection>
> </security-constraint>
>
> <login-config>
> <auth-method>BASIC</auth-method>
>   <realm-name>Test Realm</realm-name>
> </login-config>
> <security-role>
> <role-name>Admin-role</role-name>
> </security-role>
> <security-role>
> <role-name>FullAccess-role</role-name>
> </security-role>
> <security-role>
> <role-name>RW-role</role-name>
> </security-role>
>
>
> So Far Everything works good. I get a forbidden exception as soon as i try
> to commit documents in solr.
> but when i add the following security constraint tag in webdefault.xml,
>
> <!-- this constraint allows access to modify the data in the SOLR service,
> with basic auth -->
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>RW</web-resource-name>
> <!-- the dataimport handler for each individual core -->
>   <url-pattern>/core1/dataimport</url-pattern>
> <!-- the update handler (XML over HTTP) for each individual core -->
>   <url-pattern>/core1/update/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <!-- Roles of users are defined int the properties file -->
> <!-- we allow users with rw-only access -->
> <role-name>RW-role</role-name>
> <!-- we allow users with full access -->
> <role-name>FullAccess-role</role-name>
> </auth-constraint>
> </security-constraint>
>
> I get the following exception:
>
> org.apache.solr.client.solrj.SolrServerException:
> org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing
> request can not be repeated.
> at
> org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469)
> at
> org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:243)
> at
> org.apache.solr.client.solrj.request.AbstractUpdateRequest.process(AbstractUpdateRequest.java:105)
> at org.apache.solr.client.solrj.SolrServer.add(SolrServer.java:64)
> at Authentication.AuthenticationTest.main(AuthenticationTest.java:35)
> Caused by: org.apache.commons.httpclient.ProtocolException: Unbuffered
> entity enclosing request can not be repeated.
> at
> org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:487)
> at
> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
> at
> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
> at
> org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:416)
> ... 4 more
>
>
> My Java code is as follows:
> public class AuthenticationTest {
> public static void main(String[] args) {
> try {
> HttpClient client = new HttpClient();
> AuthScope scope = new AuthScope(AuthScope.ANY_HOST,AuthScope.ANY_PORT);
> client.getState().setCredentials(scope, new
> UsernamePasswordCredentials("rakhi","rakhi"));
>   SolrServer server = new CommonsHttpSolrServer("
> http://localhost:8983/solr/core1/",client);
>
> SolrQuery query = new SolrQuery();
> query.setQuery("*:*");
> QueryResponse response = server.query(query);
> System.out.println(response.getStatus());
>
> SolrInputDocument doc = new SolrInputDocument();
> doc.setField("aid", "0");
> doc.setField("rct", "Sample Data for authentication");
> server.add(doc);
> server.commit();
> } catch (MalformedURLException e) {
> // TODO Auto-generated catch block
> e.printStackTrace();
> } catch (SolrServerException e) {
> // TODO Auto-generated catch block
> e.printStackTrace();
> } catch (IOException e) {
> // TODO Auto-generated catch block
> e.printStackTrace();
> }
> }
> }
>
> Any Pointers?
> Regards,
> Raakhi Khatwani
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message