Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] Protecting Apache Solr with HTTP Basic Authentication

Hello!

I'd like to run several standalone Solr cores on one host under different
system users and therefore needed to protect them with password authentication.

These are the original files:
http://svn.apache.org/viewvc/lucene/dev/tags/lucene_solr_4_5_0/solr/example/etc/jetty.xml?revision=1528422&view=markup
http://svn.apache.org/viewvc/lucene/dev/tags/lucene_solr_4_5_0/solr/example/contexts/solr-jetty-context.xml?revision=1528422&view=markup
http://pastebin.com/r6HW74jX

These are my additions:
http://pastebin.com/VJ7XXJk1

My problem: No authentication is even tried by the server.
Here comes the afterStart dump of the server:

=== snip ===
org.eclipse.jetty.server.Server@3a7c4526 - STARTING
 +- org.eclipse.jetty.server.handler.HandlerCollection@349fdfc9 - STARTED
 |   |
 |   +- org.eclipse.jetty.server.handler.ContextHandlerCollection@6c1d201c - STARTED
 |   |   |
 |   |   +- o.e.j.w.WebAppContext{/solr,file:/some/path/solr-4.5.0/solr-webapp/webapp/},/some/path/solr-4.5.0/webapps/solr.war - STARTED
 |   |       +- WebAppClassLoader=1748839966@683d2e1e
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/commons-cli-1.2.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/commons-codec-1.7.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/commons-configuration-1.6.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/commons-fileupload-1.2.1.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/commons-lang-2.6.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/concurrentlinkedhashmap-lru-1.2.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/dom4j-1.6.1.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/guava-14.0.1.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/hadoop-annotations-2.0.5-alpha.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/hadoop-auth-2.0.5-alpha.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/hadoop-common-2.0.5-alpha.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/hadoop-hdfs-2.0.5-alpha.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/joda-time-2.2.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/org.restlet-2.1.1.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/org.restlet.ext.servlet-2.1.1.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/protobuf-java-2.4.0a.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/spatial4j-0.3.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/commons-io-2.1.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/httpclient-4.2.3.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/httpcore-4.2.2.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/httpmime-4.2.3.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/noggit-0.5.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/wstx-asl-3.2.7.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/zookeeper-3.4.5.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-analyzers-common-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-analyzers-kuromoji-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-analyzers-phonetic-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-codecs-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-core-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-grouping-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-highlighter-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-join-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-memory-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-misc-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-queries-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-queryparser-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-spatial-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/lucene-suggest-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/solr-core-4.5.0.jar
 |   |       |   +- file:/some/path/solr-4.5.0/solr-webapp/webapp/WEB-INF/lib/solr-solrj-4.5.0.jar
 |   |       |   |
 |   |       |   +- startJarLoader@93478c8
 |   |       |       +- file:/some/path/solr-4.5.0/resources/
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-xml-8.1.10.v20130312.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/servlet-api-3.0.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-http-8.1.10.v20130312.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-continuation-8.1.10.v20130312.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-server-8.1.10.v20130312.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-security-8.1.10.v20130312.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-servlet-8.1.10.v20130312.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-webapp-8.1.10.v20130312.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-deploy-8.1.10.v20130312.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/ext/jcl-over-slf4j-1.6.6.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/ext/jul-to-slf4j-1.6.6.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/ext/log4j-1.2.16.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/ext/slf4j-api-1.6.6.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/ext/slf4j-log4j12-1.6.6.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-util-8.1.10.v20130312.jar
 |   |       |       +- file:/some/path/solr-4.5.0/lib/jetty-io-8.1.10.v20130312.jar
 |   |       |       |
 |   |       |       +- sun.misc.Launcher$AppClassLoader@45a1472d
 |   |       |           +- file:/some/path/solr-4.5.0/start.jar
 |   |       |           |
 |   |       |           +- sun.misc.Launcher$ExtClassLoader@5f47ff11
 |   |       |
 |   |       +- org.eclipse.jetty.server.session.SessionHandler@6fc8fce8 - STARTED
 |   |       |   |
 |   |       |   +- org.eclipse.jetty.security.ConstraintSecurityHandler@74541cad - STARTED
 |   |       |       +- HashLoginService[Test Realm] - STARTED
 |   |       |       |
 |   |       |       +- org.eclipse.jetty.security.DefaultIdentityService@883ca2e
 |   |       |       |
 |   |       |       +- org.eclipse.jetty.security.authentication.BasicAuthenticator@44e9660
 |   |       |       |
 |   |       |       +- []
 |   |       |       |
 |   |       |       +- /={TRACE={RoleInfo,F,C[]}}
 |   |       |       |
 |   |       |       |
 |   |       |       +- org.eclipse.jetty.servlet.ServletHandler@50a4a6f0 - STARTED
 |   |       |           |
 |   |       |           |
 |   |       |           +- [/*]/[]==0=>SolrRequestFilter
 |   |       |           |
 |   |       |           +- SolrRequestFilter==org.apache.solr.servlet.SolrDispatchFilter - STARTED
 |   |       |           |
 |   |       |           +- [/]=>default
 |   |       |           +- [*.jsp, *.jspf, *.jspx, *.xsp, *.JSP, *.JSPF, *.JSPX, *.XSP]=>jsp
 |   |       |           +- [/admin/]=>RedirectOldAdminUI
 |   |       |           +- [/admin]=>RedirectOldAdminUI
 |   |       |           +- [/zookeeper.jsp]=>RedirectOldZookeeper
 |   |       |           +- [/logging]=>RedirectLogging
 |   |       |           +- [/zookeeper]=>Zookeeper
 |   |       |           +- [/admin.html]=>LoadAdminUI
 |   |       |           +- [/schema/*]=>SolrRestApi
 |   |       |           |
 |   |       |           +- default==org.eclipse.jetty.servlet.DefaultServlet - STARTED
 |   |       |           |   +- maxCacheSize=256000000
 |   |       |           |   +- dirAllowed=true
 |   |       |           |   +- gzip=true
 |   |       |           |   +- maxCachedFileSize=200000000
 |   |       |           |   +- redirectWelcome=false
 |   |       |           |   +- acceptRanges=true
 |   |       |           |   +- welcomeServlets=false
 |   |       |           |   +- aliases=false
 |   |       |           |   +- useFileMappedBuffer=true
 |   |       |           |   +- maxCachedFiles=2048
 |   |       |           +- jsp==org.eclipse.jetty.servlet.NoJspServlet - STARTED
 |   |       |           |   +- xpoweredBy=false
 |   |       |           |   +- fork=false
 |   |       |           |   +- logVerbosityLevel=DEBUG
 |   |       |           +- Zookeeper==org.apache.solr.servlet.ZookeeperInfoServlet - STARTED
 |   |       |           +- LoadAdminUI==org.apache.solr.servlet.LoadAdminUiServlet - STARTED
 |   |       |           +- RedirectOldAdminUI==org.apache.solr.servlet.RedirectServlet - STARTED
 |   |       |           |   +- destination=${context}/#/
 |   |       |           +- RedirectOldZookeeper==org.apache.solr.servlet.RedirectServlet - STARTED
 |   |       |           |   +- destination=${context}/zookeeper
 |   |       |           +- RedirectLogging==org.apache.solr.servlet.RedirectServlet - STARTED
 |   |       |           |   +- destination=${context}/#/~logging
 |   |       |           +- SolrRestApi==org.restlet.ext.servlet.ServerServlet - STARTED
 |   |       |               +- org.restlet.application=org.apache.solr.rest.SolrRestApi
 |   |       |
 |   |       |
 |   |       |
 |   |       +- org.eclipse.jetty.tmpdirConfigured=true
 |   |       +- javax.servlet.context.tempdir=/some/path/solr-4.5.0/solr-webapp
 |   |       +- org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern=.*/servlet-api-[^/]*\.jar$
 |   +- org.eclipse.jetty.server.handler.DefaultHandler@58651b62 - STARTED
 |   +- org.eclipse.jetty.server.handler.RequestLogHandler@71f2ba86 - STARTED
 |
 +- HashLoginService[Test Realm] - STARTED
 +- qtp686458541{10<=9<=10/10000,0} - STARTED
 |   +- 10 qtp686458541-10 Acceptor0 SocketConnector@localhost:8983 RUNNABLE @ java.net.PlainSocketImpl.socketAccept(Native Method)
 |   +- 11 qtp686458541-11 TIMED_WAITING @ sun.misc.Unsafe.park(Native Method) IDLE
 |   +- 12 qtp686458541-12 TIMED_WAITING @ sun.misc.Unsafe.park(Native Method) IDLE
 |   +- 13 qtp686458541-13 TIMED_WAITING @ sun.misc.Unsafe.park(Native Method) IDLE
 |   +- 14 qtp686458541-14 TIMED_WAITING @ sun.misc.Unsafe.park(Native Method) IDLE
 |   +- 15 qtp686458541-15 TIMED_WAITING @ sun.misc.Unsafe.park(Native Method) IDLE
 |   +- 16 qtp686458541-16 TIMED_WAITING @ sun.misc.Unsafe.park(Native Method) IDLE
 |   +- 17 qtp686458541-17 TIMED_WAITING @ sun.misc.Unsafe.park(Native Method) IDLE
 |   +- 18 qtp686458541-18 TIMED_WAITING @ sun.misc.Unsafe.park(Native Method) IDLE
 |   +- 19 qtp686458541-19 TIMED_WAITING @ sun.misc.Unsafe.park(Native Method) IDLE
 +- org.eclipse.jetty.deploy.DeploymentManager@68aa419e - STARTED
 |   +- org.eclipse.jetty.deploy.providers.ContextProvider@1ba21c1 - STARTED
 +- org.eclipse.jetty.server.session.HashSessionIdManager@62fe06c9 - STARTED
 |
 +- SocketConnector@localhost:8983 - STARTED
     +- PooledBuffers [0/1024@6144,0/1024@16384,0/1024@-]/PooledBuffers [0/1024@6144,0/1024@32768,0/1024@-] - STARTED
     +- qtp686458541{10<=9<=10/10000,0} - STARTED
=== snap ===

As can be seen, the HashLoginService "Test Realm" is created, but not used
anyhow. I'm only getting HTTP 200 answers instead of the required 401 ones.
What is still missing?

Greetings,
Fabiano


Back to the top