Solr Authentication (Standalone Mode)

    • service solr stop
    • /opt/solr-7.7.0/server/etc/webdefault.xml
      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Disable TRACE</web-resource-name>
      <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
      <role-name>admin</role-name>
      </auth-constraint>
      </security-constraint>

      <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>Solr Realm</realm-name>
      </login-config
       
    • /opt/solr-7.7.0/server/etc/jetty.xml
      <Call name="addBean">
      <Arg>
      <New class="org.eclipse.jetty.security.HashLoginService">
      <Set name="name">Solr Realm</Set>
      <Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set>
      <Set name="refreshInterval">0</Set>
      </New>
      </Arg>
      </Call>
      at the end
       
    • Generate a password in encrypted format using the following utility provided by Jetty:
      ls /opt/solr/server/lib
      ext                                      jetty-servlet-9.4.14.v20181114.jar
      gmetric4j-1.0.7.jar                      jetty-servlets-9.4.14.v20181114.jar
      javax.servlet-api-3.1.0.jar              jetty-util-9.4.14.v20181114.jar
      jetty-continuation-9.4.14.v20181114.jar  jetty-webapp-9.4.14.v20181114.jar
      jetty-deploy-9.4.14.v20181114.jar        jetty-xml-9.4.14.v20181114.jar
      jetty-http-9.4.14.v20181114.jar          metrics-core-3.2.6.jar
      jetty-io-9.4.14.v20181114.jar            metrics-ganglia-3.2.6.jar
      jetty-jmx-9.4.14.v20181114.jar           metrics-graphite-3.2.6.jar
      jetty-rewrite-9.4.14.v20181114.jar       metrics-jetty9-3.2.6.jar
      jetty-security-9.4.14.v20181114.jar      metrics-jvm-3.2.6.jar
      jetty-server-9.4.14.v20181114.jar

       
    • java -cp lib/jetty-util-9.4.14.v20181114.jar org.eclipse.jetty.util.security.Password <Username> <Password>
      java -cp lib/jetty-util-9.4.14.v20181114.jar org.eclipse.jetty.util.security.Password solr 260986OBF:19q31awt19x219xk1awx19qb
      MD5:a0878576e9a3c1d9cd153934e79aaee2
      CRYPT:soTwTAwAjXYu6
    • nano /opt/solr/server/etc/realm.properties
      solr: CRYPT:soTwTAwAjXYu6,admin
       

    FOR ME THIS METHOD DIDN'T WORK

     

    Different approach (reliable)

    cat  /etc/default/solr.in.sh | grep SOLR_HOME

    cd {solr_home=directory} / cd /var/solr/data

    nano security.json

    {
"authentication":{
   "blockUnknown": true,
   "class":"solr.BasicAuthPlugin",
   "credentials":{"solr":"IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
},
"authorization":{
   "class":"solr.RuleBasedAuthorizationPlugin",
   "permissions":[{"name":"security-edit",
      "role":"admin"}],
   "user-role":{"solr":"admin"}
}}

    chown solr:solr security.json

    nano /etc/default/solr.in.sh

    SOLR_AUTH_TYPE="basic"
    SOLR_AUTHENTICATION_OPTS="-Dbasicauth=solr:SolrRocks"

    service solr restart

     curl --user solr:SolrRocks http://localhost:8983/solr/admin/authentication -H 'Content-type:application/json' -d '{
      "set-user": {"solr" : "my_password"}}'

    {
      "responseHeader":{
        "status":0,
        "QTime":64}}

    After this request your new encrypted password will be successfully recorded to /var/solr/data/security.json

    and here it is!

     

    Tags: 
    solr