diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt index 0690864004f..d165e636dee 100644 --- a/solr/CHANGES.txt +++ b/solr/CHANGES.txt @@ -198,6 +198,8 @@ Bug Fixes scheduled triggers not be used for very frequent operations to avoid this problem. (ab, shalin) +* SOLR-12514: Rule-base Authorization plugin skips authorization if querying node does not have collection replica (noble) + Improvements ---------------------- diff --git a/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java b/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java index bb4432c58c8..b8332448e60 100644 --- a/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java +++ b/solr/core/src/java/org/apache/solr/servlet/HttpSolrCall.java @@ -496,6 +496,7 @@ public class HttpSolrCall { handleAdminRequest(); return RETURN; case REMOTEQUERY: + SolrRequestInfo.setRequestInfo(new SolrRequestInfo(solrReq, new SolrQueryResponse())); remoteQuery(coreUrl + path, resp); return RETURN; case PROCESS: diff --git a/solr/core/src/test/org/apache/solr/cloud/TestSolrCloudWithSecureImpersonation.java b/solr/core/src/test/org/apache/solr/cloud/TestSolrCloudWithSecureImpersonation.java index a149b33ab4a..1f737993112 100644 --- a/solr/core/src/test/org/apache/solr/cloud/TestSolrCloudWithSecureImpersonation.java +++ b/solr/core/src/test/org/apache/solr/cloud/TestSolrCloudWithSecureImpersonation.java @@ -312,6 +312,7 @@ public class TestSolrCloudWithSecureImpersonation extends SolrTestCaseJ4 { } @Test + @AwaitsFix(bugUrl = "https://issues.apache.org/jira/browse/SOLR-13098") public void testForwarding() throws Exception { String collectionName = "forwardingCollection"; miniCluster.uploadConfigSet(TEST_PATH().resolve("collection1/conf"), "conf1"); diff --git a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java index 685446984f9..0db2a0d9c08 100644 --- a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java +++ b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java @@ -100,7 +100,7 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase { @Test //commented 9-Aug-2018 @BadApple(bugUrl="https://issues.apache.org/jira/browse/SOLR-12028") // 21-May-2018 - @BadApple(bugUrl="https://issues.apache.org/jira/browse/SOLR-12028") // annotated on: 24-Dec-2018 +// @BadApple(bugUrl="https://issues.apache.org/jira/browse/SOLR-12028") // annotated on: 24-Dec-2018 public void testBasicAuth() throws Exception { boolean isUseV2Api = random().nextBoolean(); String authcPrefix = "/admin/authentication"; @@ -239,6 +239,19 @@ public class BasicAuthIntegrationTest extends SolrCloudAuthTestCase { del.setCommitWithin(10); del.process(cluster.getSolrClient(), COLLECTION); + //Test for SOLR-12514. Create a new jetty . This jetty does not have the collection. + //Make a request to that jetty and it should fail + JettySolrRunner aNewJetty = cluster.startJettySolrRunner(); + try { + del = new UpdateRequest().deleteByQuery("*:*"); + del.process(aNewJetty.newClient(), COLLECTION); + fail("This should not have succeeded without credentials"); + } catch (HttpSolrClient.RemoteSolrException e) { + assertTrue(e.getMessage().contains("Unauthorized request")); + } finally { + cluster.stopJettySolrRunner(aNewJetty); + } + addDocument("harry","HarryIsUberCool","id", "4"); executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool");