Apache Solr
|
Securing Solr: Basic Authentication
-
Enable Basic Authentication
Please see this page for more details about securing Solr: https://lucene.apache.org/solr/guide/8_5/securing-solr.html
First, create a security.json file:
In the "security.json" file (above) a user called "solr", with a password "SolrRocks" has been defined.
It's assigned to "admin" role and has permissions set to "all".
Usernames and passwords (as a "sha256(password+salt)" hash) could be added when the file is created, or can be added later with the Basic authentication API. To create you own password you can use the following java code (make sure you have "solr-core" in your classpath):
If you are using Solr in Standalone mode, you should put "security.json" file in "$SOLR_HOME" directory.
If you are using SolrCloud, you must upload "security.json" file to ZooKeeper:
Notes about "security.json" file:
-
The parameter "blockUnknown" is set to "true", which means that unauthenticated requests will be rejected.
If parameter "blockUnknown" is not set in the "security.json" file, it will default to "false", which means that authentication is not enabled.
-
The parameter "forwardCredentials" is set to "false"
which means that Solr’s PKI authentication will handle distributed requests instead of forwarding the Basic Auth header.
-
The parameter "realm" is set to "My Solr users".
If the parameter "realm" is not set, it will default to "solr".
This will be shown on the login prompt: "Please log in with your username and password for realm My Solr users.".
-
The parameter "blockUnknown" is set to "true", which means that unauthenticated requests will be rejected.