[
https://issues.apache.org/jira/browse/SOLR-14569?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17460692#comment-17460692
]
Mark Robert Miller edited comment on SOLR-14569 at 12/16/21, 1:22 PM:
----------------------------------------------------------------------
So I have run into this before and addressed it. I was looking at it now from
another jira issue - the one that user tested that basic auth has not worked
since back in a 7 release if not in SolrCloud mode.
Anyway, I hit this issue in my own branch because some butterflies getting
stepped on made it into a much larger problem that started failing all tests
with internode request using security.
I’ve been been trying to fully refresh my knowledge and that jira since
yesterday morning, but the universe has been attacking me, or maybe the time
authority or some thing.
(I had an electrician over to install outlets and an energy monitoring smart
thing in the breaker box. Unknown to me, my wife has the pool company replacing
a pump they installed and had failed at the same time. Unknown to me and beyond
reasonable coincidence, the citi was in my backyard almost all day with like
teams of people, enough workers walking back and forth by my office window
and in and out of my yard that you can’t ignore conspiracy theories around
their simple claim that they own a major electric wire running through my
property. Meanwhile their trunks lined the street like SHIELD had showed up.
When that settled down and I started a very late work day, and immediately my
wife convinced me that in fact I had been torturing her with ridiculous sound
attacks for the past year and a half while wholly denying it was remotely
possible — by demanding I stop humming quietly under my breath while she was in
the other side of the house through multiple rooms and two closed doors. Remote
decibel inspection broke my mind, and I went to work to figure out a solution.
A 3 decimal rise in sound is like doubling it. I won’t even say the dec
differences I was regularly firing. Meanwhile, hell continued to rain. Later,
among a few fun times, I walked directly pinto an open, full dishwasher door in
the dark. My computer went wild on basic stuff I’ve done every day for
months.Amazon and smart IoT things went unreliable. My 5g connection on my
phone barely functioned when I left the house with full bars. I reached that
level of what the hell is going on that you end up more in a state of cold awe
than swear infused anger. Everything I’ve tried to make make happen since
yesterday morning has gone into insanity.
Just background I can’t keep internal.
But anyway, in my complete failed agenda has been to discuss the solution I had
put in the branch for this stuff with Anshum. I was at the tail end of trying
to finish some verification and refresh if anything entangling had popped and
require further changes that I didn’t recall.
The long short of that solution is to handle this like the original http
@client did vs what seemed a strange choice to chart this alternate handling
that the http2 client does.
was (Author: markrmiller):
So I have run into this before and addressed it. I was looking at it now from
another jira issue - the one that user tested that basic auth has not worked
since back in a 7 release if not in SolrCloud mode.
Anyway, I hit this issue in my own branch because some butterflies getting
stepped on made it into a much larger problem that started failing all tests
with internode request using security.
I’ve been been trying to fully refresh my knowledge and that jira since
yesterday morning, but the universe has been attacking me, or maybe the time
authority or some thing.
(I had an electrician over to install outlets and an energy monitoring smart
thing in the breaker box. Unknown to me, my wife has the pool company replacing
a pump they installed and had failed at the same time. Unknown to me and beyond
reasonable coincidence, the citi was in my backyard almost all day with like
teams of people, enough workers walking back and forth by my office window
and in and out of my yard that you can’t ignore conspiracy theories around
their simple claim that they own a major electric wire running through my
property. Meanwhile their trunks line SHIELD showed up.
When that settled down and I started a very late work day, my wife convinced me
that in fact I had been torturing her with ridiculous sound attacks for the
past year and a half while wholly denying it was remotely possible — by
demanding I stop humming quietly under my breath while she was in the other
side of the house. Remote decibel inspection broke my mind, and I went to work
to figure out a solution. A 3 decimal rise in sound is like doubling it. I
won’t even say the dec differences I was regularly firing. Meanwhile, hell
continued to rain. Later, amount a few fun times, I walked directly into an
open, full dishwasher door in the dark. My computer went wild on basic stuff
I’ve done every day for months. I reached that level of what the hell is going
on that you end up more in a state of cold awe than swear infused anger.
Everything I’ve tried to make make happen since yesterday morning has gone into
insanity.
Just background I can’t keep internal.
But anyway, in my complete failed agenda has been to discuss the solution I had
put in the branch for this stuff with Anshum. I was at the tail end of trying
to finish some verification and refresh if anything entangling had popped and
require further changes that I didn’t recall.
The long short of that solution is to handle this like the original http
@client did vs what seemed a strange choice to chart this alternate handling
that the http2 client does.
> Configuring a shardHandlerFactory on the /select requestHandler results in
> HTTP 401 when searching on alias in secured Solr
> ---------------------------------------------------------------------------------------------------------------------------
>
> Key: SOLR-14569
> URL: https://issues.apache.org/jira/browse/SOLR-14569
> Project: Solr
> Issue Type: Bug
> Components: Authentication
> Affects Versions: 8.5, main (9.0)
> Environment: Unit test on master branch (9x) built on Windows 10 with
> Java 11
> Solr 8.5.0 instance running on CentOS 7.7 with Java 11
> Reporter: Isabelle Giguere
> Assignee: Anshum Gupta
> Priority: Major
> Attachments: SOLR-14569.patch, SOLR-14569.patch, SOLR-14569.patch,
> curl_requests-responses.txt, security.json, security.json, solr.log,
> solr_conf.zip, updated_solr_conf.zip
>
>
> The issue was first noticed on an instance of Solr 8.5.0, after securing Solr
> with security.json.
> Searching on a single collection returns the expected results, but searching
> on an alias returns HTTP 401.
> *Note that this issue is not reproduced when the collections are created
> using the _default configuration.*
> Update: Fast-forward to this comment for the reason why:
> https://issues.apache.org/jira/browse/SOLR-14569?focusedCommentId=17136195&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17136195
> The attached patch includes a unit test to query on an alias. *Fixed and
> updated as per [~gerlowskija]' comments*
> *Patch applies on master branch (9x)*.
> The unit test is added to the test class that was originally part of the
> patch to fix SOLR-13510.
> Update: Unit tests fail if sharHandlerFactory is added to the requestHandler
> in configset cloud-minimal
> I also attach:
> - our product-specific Solr configuration, modified to remove irrelevant
> plugins and fields
> - security.json with user 'admin' (pwd 'admin')
> -- Note that forwardCredentials true or false does not modify the behavior
> To test with attached configuration solr_conf.zip or updated_solr_conf.zip:
> - Download and unzip Solr 8.5.0
> - Modify ./bin/solr.in.sh :
> -- ZK_HOST (optional)
> -- SOLR_AUTH_TYPE="basic"
> -- SOLR_AUTHENTICATION_OPTS="-Dbasicauth=admin:admin"
> - Upload security.json into Zookeeper
> -- ./bin/solr zk cp
> [file:/path/to/security.json|file:///path/to/security.json]
> zk:/path/to/solr/security.json [-z <zk_host>:<zk_port>[/<solr>]]
> - Start Solr in cloud mode
> -- ./bin/solr -c
> - Upload the provided configuration
> - ./bin/solr zk upconfig -z <zk_host>:<zk_port>[/<solr>] -n conf_en -d
> /path/to/folder/conf/
> - Create 2 collections using the uploaded configuration
> -- test1, test2
> - Create an alias grouping the 2 collections
> -- test = test1, test2
> - Query (/select?q=*:*) one collection
> -- results in successful Solr response
> - Query the alias (/select?q=*:*)
> -- results in HTTP 401
> There is no need to add documents to observe the issue.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
