lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lance Norskog <goks...@gmail.com>
Subject Re: Unbuffered Exception while setting permissions
Date Wed, 30 Jun 2010 20:45:18 GMT
Other problems with this error have been solved by doing pre-emptive
authentication.

On Wed, Jun 30, 2010 at 4:26 AM, Rakhi Khatwani <rkhatwani@gmail.com> wrote:
> This error usually occurs when i do a server.add(inpDoc).
>
> Behind the logs:
>
> 192.168.0.106 - - [30/Jun/2010:11:30:38 +0000] "GET
> /solr/GPTWPI/update?qt=%2Fupdate&optimize=true&wt=javabin&version=1
> HTTP/1.1" 200 41
>
> 192.168.0.106 - - [30/Jun/2010:11:30:38 +0000] "GET
> /solr/GPTWPI/select?q=aid%3A30234&wt=javabin&version=1 HTTP/1.1" 401 1389
>
> 192.168.0.106 - admin [30/Jun/2010:11:30:38 +0000] "GET
> /solr/GPTWPI/select?q=aid%3A30234&wt=javabin&version=1 HTTP/1.1" 200 70
>
> 192.168.0.106 - - [30/Jun/2010:11:30:38 +0000] "POST
> /solr/GPTWPI/update?wt=javabin&version=1 HTTP/1.1" 200 41 (Works when i
> comment out the auth-constraint for RW)
>
>                                        AND
>
> 192.168.0.106 - - [30/Jun/2010:11:29:09 +0000] "POST
> /solr/GPTWPI/update?wt=javabin&version=1 HTTP/1.1" 401 1389 (Does not work
> when i add the auth-constraint for RW)
>
> 192.168.0.106 - - [30/Jun/2010:11:30:38 +0000] "GET
> /solr/GPTWPI/update?qt=%2Fupdate&commit=true&wt=javabin&version=1 HTTP/1.1"
> 200 41
>
> so what i conclude is that the authentication does not work when we do a
> POST method and works for GET methods. correct me if i am wrong.
> and how do i get it working?
>
> Regards,
> Raakhi
>
> On Wed, Jun 30, 2010 at 2:22 PM, Rakhi Khatwani <rkhatwani@gmail.com> wrote:
>
>> I was going through the logs,
>> Everytime i try doing an update (and ofcourse ending up with unbuffered
>> exception) the log outputs the following line
>> [30/Jun/2010:09:02:52 +0000] "POST /solr/core1/update?wt=javabin&version=1
>> HTTP/1.1" 401 1389
>>
>> Regards
>> Raakhi
>>
>> On Wed, Jun 30, 2010 at 12:27 PM, Rakhi Khatwani <rkhatwani@gmail.com>wrote:
>>
>>> PS: I am using solr 1.4
>>>
>>> Regards,
>>> Raakhi
>>>
>>> On Wed, Jun 30, 2010 at 12:05 PM, Rakhi Khatwani <rkhatwani@gmail.com>wrote:
>>>
>>>> Hi,
>>>>        I am trying out solr security on my setup from the following
>>>> links:
>>>> http://wiki.apache.org/solr/SolrSecurity
>>>>
>>>> http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores
>>>>
>>>> Following is my configuration:
>>>>
>>>> realms.properties:
>>>> admin: admin,server-administrator,content-administrator,admin
>>>> other: OBF:1xmk1w261u9r1w1c1xmq
>>>> guest: guest,read-only
>>>> rakhi: rakhi,RW-role
>>>>
>>>> jetty.xml:
>>>> ...
>>>> <Set name="UserRealms">
>>>> <Array type="org.mortbay.jetty.security.UserRealm">
>>>> <Item>
>>>> <New class="org.mortbay.jetty.security.HashUserRealm">
>>>>   <Set name="name">Test Realm</Set>
>>>> <Set name="config"><SystemProperty name="jetty.home"
>>>> default="."/>/etc/realm.properties</Set>
>>>> </New>
>>>> </Item>
>>>> </Array>
>>>> </Set>
>>>>
>>>> ...
>>>>
>>>> WebDefault.xml:
>>>> <!-- block by default. -->
>>>> <security-constraint>
>>>> <web-resource-collection>
>>>> <web-resource-name>Default</web-resource-name>
>>>> <url-pattern>/</url-pattern>
>>>> </web-resource-collection>
>>>> <auth-constraint/> <!-- BLOCK! -->
>>>> </security-constraint>
>>>>
>>>> <!-- Setting admin access. -->
>>>>  <security-constraint>
>>>>    <web-resource-collection>
>>>>    <web-resource-name>Solr authenticated application</web-resource-name>
>>>>     <url-pattern>/admin/*</url-pattern>
>>>>     <url-pattern>/core1/admin/*</url-pattern>
>>>>    </web-resource-collection>
>>>>    <auth-constraint>
>>>>     <role-name>admin</role-name>
>>>>     <role-name>FullAccess-role</role-name>
>>>>    </auth-constraint>
>>>> </security-constraint>
>>>>
>>>> <!-- this constraint has no auth constraint or data constraint => allows
>>>> without auth. -->
>>>> <security-constraint>
>>>> <web-resource-collection>
>>>> <web-resource-name>AllowedQueries</web-resource-name>
>>>>   <url-pattern>/core1/select/*</url-pattern>
>>>> </web-resource-collection>
>>>> </security-constraint>
>>>>
>>>> <login-config>
>>>> <auth-method>BASIC</auth-method>
>>>>   <realm-name>Test Realm</realm-name>
>>>> </login-config>
>>>> <security-role>
>>>> <role-name>Admin-role</role-name>
>>>> </security-role>
>>>> <security-role>
>>>> <role-name>FullAccess-role</role-name>
>>>> </security-role>
>>>> <security-role>
>>>> <role-name>RW-role</role-name>
>>>> </security-role>
>>>>
>>>>
>>>> So Far Everything works good. I get a forbidden exception as soon as i
>>>> try to commit documents in solr.
>>>> but when i add the following security constraint tag in webdefault.xml,
>>>>
>>>> <!-- this constraint allows access to modify the data in the SOLR
>>>> service, with basic auth -->
>>>> <security-constraint>
>>>> <web-resource-collection>
>>>> <web-resource-name>RW</web-resource-name>
>>>> <!-- the dataimport handler for each individual core -->
>>>>   <url-pattern>/core1/dataimport</url-pattern>
>>>> <!-- the update handler (XML over HTTP) for each individual core -->
>>>>   <url-pattern>/core1/update/*</url-pattern>
>>>> </web-resource-collection>
>>>> <auth-constraint>
>>>> <!-- Roles of users are defined int the properties file -->
>>>> <!-- we allow users with rw-only access -->
>>>> <role-name>RW-role</role-name>
>>>> <!-- we allow users with full access -->
>>>> <role-name>FullAccess-role</role-name>
>>>> </auth-constraint>
>>>> </security-constraint>
>>>>
>>>> I get the following exception:
>>>>
>>>> org.apache.solr.client.solrj.SolrServerException:
>>>> org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing
>>>> request can not be repeated.
>>>> at
>>>> org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469)
>>>> at
>>>> org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:243)
>>>> at
>>>> org.apache.solr.client.solrj.request.AbstractUpdateRequest.process(AbstractUpdateRequest.java:105)
>>>> at org.apache.solr.client.solrj.SolrServer.add(SolrServer.java:64)
>>>> at Authentication.AuthenticationTest.main(AuthenticationTest.java:35)
>>>> Caused by: org.apache.commons.httpclient.ProtocolException: Unbuffered
>>>> entity enclosing request can not be repeated.
>>>> at
>>>> org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:487)
>>>> at
>>>> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
>>>> at
>>>> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
>>>> at
>>>> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
>>>> at
>>>> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
>>>> at
>>>> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
>>>> at
>>>> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
>>>> at
>>>> org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:416)
>>>> ... 4 more
>>>>
>>>>
>>>> My Java code is as follows:
>>>> public class AuthenticationTest {
>>>> public static void main(String[] args) {
>>>> try {
>>>> HttpClient client = new HttpClient();
>>>> AuthScope scope = new AuthScope(AuthScope.ANY_HOST,AuthScope.ANY_PORT);
>>>> client.getState().setCredentials(scope, new
>>>> UsernamePasswordCredentials("rakhi","rakhi"));
>>>>   SolrServer server = new CommonsHttpSolrServer("
>>>> http://localhost:8983/solr/core1/",client);
>>>>
>>>> SolrQuery query = new SolrQuery();
>>>> query.setQuery("*:*");
>>>> QueryResponse response = server.query(query);
>>>> System.out.println(response.getStatus());
>>>>
>>>> SolrInputDocument doc = new SolrInputDocument();
>>>> doc.setField("aid", "0");
>>>> doc.setField("rct", "Sample Data for authentication");
>>>> server.add(doc);
>>>> server.commit();
>>>> } catch (MalformedURLException e) {
>>>> // TODO Auto-generated catch block
>>>> e.printStackTrace();
>>>> } catch (SolrServerException e) {
>>>> // TODO Auto-generated catch block
>>>> e.printStackTrace();
>>>> } catch (IOException e) {
>>>> // TODO Auto-generated catch block
>>>> e.printStackTrace();
>>>> }
>>>> }
>>>> }
>>>>
>>>> Any Pointers?
>>>> Regards,
>>>> Raakhi Khatwani
>>>>
>>>
>>>
>>
>



-- 
Lance Norskog
goksron@gmail.com

Mime
View raw message