lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rakhi Khatwani <rkhatw...@gmail.com>
Subject Unbuffered Exception while setting permissions
Date Wed, 30 Jun 2010 06:35:19 GMT
Hi,
       I am trying out solr security on my setup from the following links:
http://wiki.apache.org/solr/SolrSecurity
http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores

Following is my configuration:

realms.properties:
admin: admin,server-administrator,content-administrator,admin
other: OBF:1xmk1w261u9r1w1c1xmq
guest: guest,read-only
rakhi: rakhi,RW-role

jetty.xml:
...
<Set name="UserRealms">
<Array type="org.mortbay.jetty.security.UserRealm">
<Item>
<New class="org.mortbay.jetty.security.HashUserRealm">
  <Set name="name">Test Realm</Set>
<Set name="config"><SystemProperty name="jetty.home"
default="."/>/etc/realm.properties</Set>
</New>
</Item>
</Array>
</Set>

...

WebDefault.xml:
<!-- block by default. -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Default</web-resource-name>
<url-pattern>/</url-pattern>
</web-resource-collection>
<auth-constraint/> <!-- BLOCK! -->
</security-constraint>

<!-- Setting admin access. -->
<security-constraint>
   <web-resource-collection>
   <web-resource-name>Solr authenticated application</web-resource-name>
    <url-pattern>/admin/*</url-pattern>
    <url-pattern>/core1/admin/*</url-pattern>
   </web-resource-collection>
   <auth-constraint>
    <role-name>admin</role-name>
    <role-name>FullAccess-role</role-name>
   </auth-constraint>
</security-constraint>

<!-- this constraint has no auth constraint or data constraint => allows
without auth. -->
<security-constraint>
<web-resource-collection>
<web-resource-name>AllowedQueries</web-resource-name>
  <url-pattern>/core1/select/*</url-pattern>
</web-resource-collection>
</security-constraint>

<login-config>
<auth-method>BASIC</auth-method>
  <realm-name>Test Realm</realm-name>
</login-config>
<security-role>
<role-name>Admin-role</role-name>
</security-role>
<security-role>
<role-name>FullAccess-role</role-name>
</security-role>
<security-role>
<role-name>RW-role</role-name>
</security-role>


So Far Everything works good. I get a forbidden exception as soon as i try
to commit documents in solr.
but when i add the following security constraint tag in webdefault.xml,

<!-- this constraint allows access to modify the data in the SOLR service,
with basic auth -->
<security-constraint>
<web-resource-collection>
<web-resource-name>RW</web-resource-name>
<!-- the dataimport handler for each individual core -->
  <url-pattern>/core1/dataimport</url-pattern>
<!-- the update handler (XML over HTTP) for each individual core -->
  <url-pattern>/core1/update/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- Roles of users are defined int the properties file -->
<!-- we allow users with rw-only access -->
<role-name>RW-role</role-name>
<!-- we allow users with full access -->
<role-name>FullAccess-role</role-name>
</auth-constraint>
</security-constraint>

I get the following exception:

org.apache.solr.client.solrj.SolrServerException:
org.apache.commons.httpclient.ProtocolException: Unbuffered entity enclosing
request can not be repeated.
at
org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:469)
at
org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:243)
at
org.apache.solr.client.solrj.request.AbstractUpdateRequest.process(AbstractUpdateRequest.java:105)
at org.apache.solr.client.solrj.SolrServer.add(SolrServer.java:64)
at Authentication.AuthenticationTest.main(AuthenticationTest.java:35)
Caused by: org.apache.commons.httpclient.ProtocolException: Unbuffered
entity enclosing request can not be repeated.
at
org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:487)
at
org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
at
org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at
org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at
org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:416)
... 4 more


My Java code is as follows:
public class AuthenticationTest {
public static void main(String[] args) {
try {
HttpClient client = new HttpClient();
AuthScope scope = new AuthScope(AuthScope.ANY_HOST,AuthScope.ANY_PORT);
client.getState().setCredentials(scope, new
UsernamePasswordCredentials("rakhi","rakhi"));
  SolrServer server = new CommonsHttpSolrServer("
http://localhost:8983/solr/core1/",client);

SolrQuery query = new SolrQuery();
query.setQuery("*:*");
QueryResponse response = server.query(query);
System.out.println(response.getStatus());

SolrInputDocument doc = new SolrInputDocument();
doc.setField("aid", "0");
doc.setField("rct", "Sample Data for authentication");
server.add(doc);
server.commit();
} catch (MalformedURLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (SolrServerException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}

Any Pointers?
Regards,
Raakhi Khatwani

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message