[jetty-users] HTTP Basic Authentication with solr's jetty

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[jetty-users] HTTP Basic Authentication with solr's jetty

From: Fabiano Sidler <fabianosidler@xxxxxxxxxxxxxx>
Date: Fri, 1 Nov 2013 16:48:59 +0100
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/jetty-users>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>
Mail-followup-to: jetty-users@xxxxxxxxxxx
User-agent: Mutt/1.5.21 (2010-09-15)

Hi folks!

I was asking this question the week before last already, but haven't got any
answer.

I'm going to run multiple Solr instances on one server, which arises the need
of user authentication in front of Solr. I've done the following steps (after
a lot of others which didn't work):

=== snip ===
diff -wur solr-4.5.0.orig/example/etc/jetty.xml solr-4.5.0/example/etc/jetty.xml
--- solr-4.5.0.orig/example/etc/jetty.xml 2013-09-12 14:12:53.000000000 +0200
+++ solr-4.5.0/example/etc/jetty.xml     2013-10-28 17:14:49.000000000 +0100
@@ -12,6 +12,16 @@

 <Configure id="Server" class="org.eclipse.jetty.server.Server">

+    <Call name="addBean">
+      <Arg>
+        <New class="org.eclipse.jetty.security.HashLoginService">
+          <Set name="name">Test Realm</Set>
+          <Set name="config">/some/path/solr-4.5.0/example/passwords.properties</Set>
+          <Set name="refreshInterval">0</Set>
+        </New>
+      </Arg>
+    </Call>
+
     <!-- =========================================================== -->
     <!-- Server Thread Pool                                          -->
     <!-- =========================================================== -->
diff -wur solr-4.5.0.orig/example/etc/webdefault.xml solr-4.5.0/example/etc/webdefault.xml
--- solr-4.5.0.orig/example/etc/webdefault.xml    2013-09-12 14:12:53.000000000 +0200
+++ solr-4.5.0/example/etc/webdefault.xml        2013-10-28 17:27:43.000000000 +0100
@@ -520,8 +520,14 @@
       <url-pattern>/</url-pattern>
       <http-method>TRACE</http-method>
     </web-resource-collection>
-    <auth-constraint/>
+    <auth-constraint>
+      <role-name>*</role-name>
+    </auth-constraint>
   </security-constraint>

+  <login-config>
+    <auth-method>BASIC</auth-method>
+    <realm-name>Test Realm</realm-name>
+  </login-config>
 </web-app>
diff 
=== snap ===

The example/password.properties file contains the following test accounts:
=== snip ===
user: user,user
admin: admin,admin
=== snap ===


The problem now is that still no authentication is run by jetty and thus I
can connect to Solr core without being authenticated. What is still neede
to finally activate authentication?

Greetings,
Fabiano

Follow-Ups:
- Re: [jetty-users] HTTP Basic Authentication with solr's jetty
  - From: Fabiano Sidler

Prev by Date: [jetty-users] How does Jetty thread pool work? QueuedThreadPool is not creating new threads
Next by Date: [jetty-users] Jetty 9.1 WebSocketCreator + javax.websocket.Endpoint
Previous by thread: [jetty-users] How does Jetty thread pool work? QueuedThreadPool is not creating new threads
Next by thread: Re: [jetty-users] HTTP Basic Authentication with solr's jetty
Index(es):
- Date
- Thread

Breadcrumbs