[
https://issues.apache.org/jira/browse/SOLR-15675?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17426234#comment-17426234
]
Houston Putman commented on SOLR-15675:
---------------------------------------
Ahh yes thank you for the screen shot. Looking at the options you use, this is
actually a bug that has been fixed between 8.9 and 8.10 (SOLR-15573).
Previously since you were using {{-blockUnknown true}} before your {{-z
zk1:2181}}, it was ignoring the zkHost you were passing (much like the error
Jan mentioned above).
The ultimate reason why you are seeing an error is that you are using different
zkConnectionStrings when starting solr and when running the auth command. When
starting solr you use {{-z zk1:2181/solr}}, which uses a chRoot of "solr". When
using the auth command you use {{-z zk1:2181}}, absent of any chRoot. So the
auth is trying to update your security.json at {{/security.json}} when it
really lives at {{/solr/security.json}}.
It would be nice for the {{bin/solr auth}} command to accept the {{ZK_HOST}}
envVar, much like other commands in the file. That way you could set it in you
docker container once, and never have to worry about it when running subsequent
commands.
> Zookeeper flag ignored when enabling authentication in 8.10.0
> -------------------------------------------------------------
>
> Key: SOLR-15675
> URL: https://issues.apache.org/jira/browse/SOLR-15675
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Jose Antonio Carmona
> Assignee: Jan Høydahl
> Priority: Minor
> Attachments: solr_zookeeper_error.png
>
>
> When enabling authentication in Apache SolR 8.10.0 (running in SolrCloud
> cluster mode), the `-z` flag does not seem to be taken into account and
> ultimately produces the following error:
> {code:bash}
> $ bin/solr auth enable -type basicAuth -credentials admin:admin -blockUnknown
> true -z zk1:2181
> Exception in thread "main"
> org.apache.zookeeper.KeeperException$NoNodeException: KeeperErrorCode =
> NoNode for /security.json at
> org.apache.zookeeper.KeeperException.create(KeeperException.java:118) at
> org.apache.zookeeper.KeeperException.create(KeeperException.java:54) at
> org.apache.zookeeper.ZooKeeper.setData(ZooKeeper.java:2561) at
> org.apache.solr.common.cloud.SolrZkClient.lambda$setData$7(SolrZkClient.java:355)
> at
> org.apache.solr.common.cloud.ZkCmdExecutor.retryOperation(ZkCmdExecutor.java:79)
> at org.apache.solr.common.cloud.SolrZkClient.setData(SolrZkClient.java:355)
> at org.apache.solr.common.cloud.SolrZkClient.setData(SolrZkClient.java:575)
> at org.apache.solr.util.SolrCLI$AuthTool.handleBasicAuth(SolrCLI.java:4435)
> at org.apache.solr.util.SolrCLI$AuthTool.runTool(SolrCLI.java:4209) at
> org.apache.solr.util.SolrCLI.main(SolrCLI.java:304)
> {code}
> Zookeeper host is reachable and properly configured. Using `-zkHost` instead
> of `-z` does seem to solve the issue:
> {code:bash}
> $ bin/solr auth enable -type basicAuth -credentials admin:admin -blockUnknown
> true -zkHost zk1:2181
> Solr include file /opt/solr/bin/solr.in.sh doesn't exist or is not writeable.
> Add the following lines to the solr.in.sh file so that the ./solr script can
> use subsequently.
> SOLR_AUTH_TYPE="basic"
> SOLR_AUTHENTICATION_OPTS="-Dbasicauth=admin:admin"
> {code}
> Is this something expected? To add more context, using `-z` was totally
> functional in version `8.9.0`. Furthermore, the CLI tool does list that
> option:
> {code:bash}
> bin/solr auth --help | grep Zookeeper
> -z zkHost Zookeeper connection string.
> Unnecessary if ZK_HOST is defined in solr.in.sh.
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
