solrsolr8

solr - basic authentication


(total beginner question alert!) I am trying to set basic authentication on SOLR 8.3 (docker container: FROM solr:8.3) following this doc:

I have added the /var/solr/data/security.json:

{
"authentication":{ 
   "blockUnknown": true, 
   "class":"solr.BasicAuthPlugin",
   "credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}, 
   "realm":"My Solr users", 
   "forwardCredentials": false 
},
"authorization":{
   "class":"solr.RuleBasedAuthorizationPlugin",
   "permissions":[{"name":"security-edit",
      "role":"admin"}], 
   "user-role":{"solr":"admin"} 
}}

when I try to change the default admin pass:

curl --user solr:SolrRocks http://10.x.x.x:8983/solr/admin/authentication -H 'Content-type:application/json' -d '{"set-user": {"solr" : "MyNewSuperSecurePass" }}'

I get the error :

  "responseHeader":{
    "status":400,
    "QTime":1},
  "error":{
    "metadata":[
      "error-class","org.apache.solr.common.SolrException",
      "root-error-class","org.apache.solr.common.SolrException"],
    "msg":"No authentication plugin configured",
    "code":400}}

Solution

  • I have found that this behavior is only when running solr in container. Basically the security.json file must be put at container build time. So I added to the Dockerfile:

    FROM solr:8.3
    ENV SOLR_USER="solr" \
        SOLR_GROUP="solr"
    USER root
    COPY --chown=solr:solr security/security.json /var/solr/data/security.json
    USER $SOLR_USER
    

    After this, the newly built container behaved as described in the documentations.