Solr security

HTTP basic auth

Basic auth is set with security.json which has to be placed in:

/var/lib/solr

File should look like:

{
  "authentication":
  {
    "blockUnknown": true,
    "class":"solr.BasicAuthPlugin",
    "credentials": {"solr": "kk0s4Vkan/ZVacQ7csNpQNw+HaiZy7xv1Mq8eZmXO6w= xLKNKUjjyIjlYtEMz7jNL3VTgN+8nFDQac+V5tfA1Ds=" }
  },
  "authorization":
  {
    "class":"solr.RuleBasedAuthorizationPlugin",
    "permissions":[{"name":"security-edit", "role":"admin"}],
    "user-role":{"solr":"admin"}
  }
}

Credentials are generated by SolrPasswordHash.java, by running:

javac -cp /usr/share/java/commons-codec.jar SolrPasswordHash.java
java -cp .:/usr/share/java/commons-codec.jar SolrPasswordHash <password>

If you're using cloud, upload the file to Zookeeper:

su - solr
/usr/share/solr/bin/solr zk -z yyz-zoo01.prod.neogov.net:2181 cp file:/var/lib/solr/security.json zk:/security.json

Verify auth is working:

curl --user solr:solrRocks http://localhost:8983/solr/mycore/admin/ping

Solr https

Switch inter-cluster comms to https:

su - solr
source /etc/sysconfig/solr
/usr/share/solr/server/scripts/cloud-scripts/zkcli.sh -zkhost $ZK_HOST -cmd clusterprop -name urlScheme -val https

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

security.md

security.md

Solr security

HTTP basic auth

Solr https

Files

security.md

Latest commit

History

security.md

File metadata and controls

Solr security

HTTP basic auth

Solr https