Hi,
You can have a look at the default security.json and use that as a template,
here
https://github.com/apache/solr/blob/main/solr/core/src/resources/security.json
It uses some users "search", "index", "admin" and "superadmin" with
corresponding roles. You should be able to bootstrap with this and then edit
via Admin UI. I believe the default passwords equals the username for each user
if I remember correctly..
Jan
> 17. sep. 2024 kl. 15:01 skrev Mugi, Krishnavamsireddy
> <krishnavamsireddy.m...@paramount.com>:
>
> Hi Jan,
>
> Enabling auth through command prompt can be done only in Solr Cloud right?
> But we are using solr as standalone server, Is there a way for enabling auth
> through command prompt in Standalone server?
>
> Thanks&Regards
> KrishnaVamsi
>
> -----Original Message-----
> From: Jan Høydahl <jan....@cominvent.com>
> Sent: 17 September 2024 17:27
> To: users@solr.apache.org
> Subject: Re: Basic auth plugin in solr 9.6.1
>
>
> <External Email>
>
>
> Hi
>
> Solr's admin UI uses the same API layer as query clients. So there is no way
> to limit "just the UI" per se.
> Of course you can let /select and /update be totally un-authenticated and
> just protect various admin APIs, that's probably what you are looking for?
>
> I'd recommed you enable auth using the command line
>
> bin/solr auth enable --credentials foo:bar
>
> That will install a default security.json with some decent settings.
> Then you open Admin UI logging in as the foo user, go to the Security Admin
> page and start modifying the security settings using the UI. You'd probably
> want to remove the "all" rule at the end of the chain and also remove the
> "read" rule, and also flip the blockUnknown to false so that you do not
> require authentication unless there is a rule for it.
>
> Jan
>
>> 17. sep. 2024 kl. 12:18 skrev Mugi, Krishnavamsireddy
>> <krishnavamsireddy.m...@paramount.com>:
>>
>> Hi Team,
>>
>> I am trying to enable authentication for my local solr admin console using
>> basic auth plugin, Below is the configuration I am following in the
>> security.json file.
>>
>> {
>> "authentication": {
>> "blockUnknown": true,
>> "class": "solr.BasicAuthPlugin",
>> "credentials": {
>> "admin": "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0=
>> Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="
>> },
>> "realm": "My Solr users",
>> "forwardCredentials": false
>> },
>> "authorization": {
>> "class": "solr.RuleBasedAuthorizationPlugin",
>> "permissions": [
>> {
>> "name": "security-edit",
>> "role": "admin"
>> }
>> ],
>> "user-role": {
>> "admin": "admin"
>> }
>> }
>> }
>>
>> This configuration is working fine, But it is restricting me to access
>> /select queries also and asking for authentication. I just want to enable
>> authentication to my admin console, I don't want to restrict end users to
>> query my solr. How can I do that? Can anyone help me on the configuration
>> please?
>>
>> Thanks&Regards
>> KrishnaVamsi
>
