[
https://issues.apache.org/jira/browse/SOLR-12813?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17841461#comment-17841461
]
ASF subversion and git services commented on SOLR-12813:
--------------------------------------------------------
Commit 25d5f6988e9cb290ab68928c84df5eb6bc641bd0 in solr's branch
refs/heads/branch_9x from Rudi Seitz
[ https://gitbox.apache.org/repos/asf?p=solr.git;h=25d5f6988e9 ]
SOLR-12813: subqueries should respect basic auth (#2404)
Fix issue where a basic auth user principal is lost when issuing a subquery in
a way that spans multiple shards:
- SubQueryAugmenterFactory now passes the user principal from the main
SolrQueryRequest down into each QueryRequest created for the subquery.
- EmbeddedSolrServer now preserves the user principal when it transforms a
SolrRequest into a SolrQueryRequest. The method that does this transformation
is SolrRequestParsers.buildRequestFrom(). This method now accepts a user
principal and returns a SolrQueryRequestBase that returns the same principal
provided.
---------
Co-authored-by: Eric Pugh <ep...@opensourceconnections.com>
> SolrCloud + 2 shards + subquery + auth = 401 Exception
> ------------------------------------------------------
>
> Key: SOLR-12813
> URL: https://issues.apache.org/jira/browse/SOLR-12813
> Project: Solr
> Issue Type: Bug
> Components: security, SolrCloud
> Affects Versions: 6.4.1, 7.5, 8.11
> Reporter: Igor Fedoryn
> Priority: Major
> Attachments: screen1.png, screen2.png
>
> Time Spent: 2h 10m
> Remaining Estimate: 0h
>
> Environment: * Solr 6.4.1
> * Zookeeper 3.4.6
> * Java 1.8
> Run Zookeeper
> Upload simple configuration wherein the Solr schema has fields for a
> relationship between parent/child
> Run two Solr instance (2 nodes)
> Create the collection with 1 shard on each Solr nodes
>
> Add parent document to one shard and child document to another shard.
> The response for: *
> /select?q=ChildIdField:VALUE&fl=*,parents:[subqery]&parents.q=\{!term f=id
> v=$row.ParentIdsField}
> correct.
>
> After that add Basic Authentication with some user for collection.
> Restart Solr or reload Solr collection.
> If the simple request /select?q=*:* with authorization on Solr server is a
> success then run previously request
> with authorization on Solr server and you get the exception: "Solr HTTP
> error: Unauthorized (401) "
>
> Screens in the attachment.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
