SOLR-14014 Allow disabling AdminUI at launch (#1471)

This commit is contained in:
Marcus 2020-05-04 14:51:31 -07:00 committed by GitHub
parent 1783c4ad47
commit 6f775bfa69
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 48 additions and 15 deletions

View File

@ -67,6 +67,10 @@ Other Changes
* SOLR-14412: Automatically set urlScheme to https when running secure solr with embedded zookeeper. (Mike Drob) * SOLR-14412: Automatically set urlScheme to https when running secure solr with embedded zookeeper. (Mike Drob)
Do not erroneously set solr.jetty.https.port system property when running in http mode (Upendra Penegalapati) Do not erroneously set solr.jetty.https.port system property when running in http mode (Upendra Penegalapati)
* SOLR-14014: Introducing a system property that allows users to disable the Admin UI, which is enabled by default.
If you have security concerns or other reasons to disable the Admin UI, you can modify `SOLR_ADMIN_UI_DISABLED`
`solr.in.sh`/`solr.in.cmd` at start. (marcussorealheis)
================== 8.6.0 ================== ================== 8.6.0 ==================
Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release. Consult the LUCENE_CHANGES.txt file for additional, low level, changes in this release.

View File

@ -2097,6 +2097,14 @@ else
SECURITY_MANAGER_OPTS=() SECURITY_MANAGER_OPTS=()
fi fi
# Enable ADMIN UI by default, and give the option for users to disable it
if [ "$SOLR_ADMIN_UI_DISABLED" == "true" ]; then
SOLR_ADMIN_UI="-DdisableAdminUI=true"
echo -e "ADMIN UI Disabled"
else
SOLR_ADMIN_UI="-DdisableAdminUI=false"
fi
JAVA_MEM_OPTS=() JAVA_MEM_OPTS=()
if [ -z "$SOLR_HEAP" ] && [ -n "$SOLR_JAVA_MEM" ]; then if [ -z "$SOLR_HEAP" ] && [ -n "$SOLR_JAVA_MEM" ]; then
JAVA_MEM_OPTS=($SOLR_JAVA_MEM) JAVA_MEM_OPTS=($SOLR_JAVA_MEM)
@ -2208,7 +2216,7 @@ function start_solr() {
# users who don't care about useful error msgs can override in SOLR_OPTS with +OmitStackTraceInFastThrow # users who don't care about useful error msgs can override in SOLR_OPTS with +OmitStackTraceInFastThrow
"${SOLR_HOST_ARG[@]}" "-Duser.timezone=$SOLR_TIMEZONE" "-XX:-OmitStackTraceInFastThrow" \ "${SOLR_HOST_ARG[@]}" "-Duser.timezone=$SOLR_TIMEZONE" "-XX:-OmitStackTraceInFastThrow" \
"-Djetty.home=$SOLR_SERVER_DIR" "-Dsolr.solr.home=$SOLR_HOME" "-Dsolr.data.home=$SOLR_DATA_HOME" "-Dsolr.install.dir=$SOLR_TIP" \ "-Djetty.home=$SOLR_SERVER_DIR" "-Dsolr.solr.home=$SOLR_HOME" "-Dsolr.data.home=$SOLR_DATA_HOME" "-Dsolr.install.dir=$SOLR_TIP" \
"-Dsolr.default.confdir=$DEFAULT_CONFDIR" "${LOG4J_CONFIG[@]}" "${SOLR_OPTS[@]}" "${SECURITY_MANAGER_OPTS[@]}") "-Dsolr.default.confdir=$DEFAULT_CONFDIR" "${LOG4J_CONFIG[@]}" "${SOLR_OPTS[@]}" "${SECURITY_MANAGER_OPTS[@]}" "${SOLR_ADMIN_UI}")
if [ "$SOLR_MODE" == "solrcloud" ]; then if [ "$SOLR_MODE" == "solrcloud" ]; then
IN_CLOUD_MODE=" in SolrCloud mode" IN_CLOUD_MODE=" in SolrCloud mode"

View File

@ -1199,6 +1199,13 @@ IF "%SOLR_SECURITY_MANAGER_ENABLED%"=="true" (
-Dsolr.internal.network.permission=* -Dsolr.internal.network.permission=*
) )
REM Enable ADMIN UI by default, and give the option for users to disable it
IF "%SOLR_ADMIN_UI_DISABLED%"=="true" (
set DISABLE_ADMIN_UI="true"
) else (
set DISABLE_ADMIN_UI="false"
)
IF NOT "%SOLR_HEAP%"=="" set SOLR_JAVA_MEM=-Xms%SOLR_HEAP% -Xmx%SOLR_HEAP% IF NOT "%SOLR_HEAP%"=="" set SOLR_JAVA_MEM=-Xms%SOLR_HEAP% -Xmx%SOLR_HEAP%
IF "%SOLR_JAVA_MEM%"=="" set SOLR_JAVA_MEM=-Xms512m -Xmx512m IF "%SOLR_JAVA_MEM%"=="" set SOLR_JAVA_MEM=-Xms512m -Xmx512m
IF "%SOLR_JAVA_STACK_SIZE%"=="" set SOLR_JAVA_STACK_SIZE=-Xss256k IF "%SOLR_JAVA_STACK_SIZE%"=="" set SOLR_JAVA_STACK_SIZE=-Xss256k
@ -1288,6 +1295,7 @@ REM '-OmitStackTraceInFastThrow' ensures stack traces in errors,
REM users who don't care about useful error msgs can override in SOLR_OPTS with +OmitStackTraceInFastThrow REM users who don't care about useful error msgs can override in SOLR_OPTS with +OmitStackTraceInFastThrow
set "START_OPTS=%START_OPTS% -XX:-OmitStackTraceInFastThrow" set "START_OPTS=%START_OPTS% -XX:-OmitStackTraceInFastThrow"
set START_OPTS=%START_OPTS% !GC_TUNE! %GC_LOG_OPTS% set START_OPTS=%START_OPTS% !GC_TUNE! %GC_LOG_OPTS%
set START_OPTS=%START_OPTS% -DdisableAdminUI=%DISABLE_ADMIN_UI%
IF NOT "!CLOUD_MODE_OPTS!"=="" set "START_OPTS=%START_OPTS% !CLOUD_MODE_OPTS!" IF NOT "!CLOUD_MODE_OPTS!"=="" set "START_OPTS=%START_OPTS% !CLOUD_MODE_OPTS!"
IF NOT "!IP_ACL_OPTS!"=="" set "START_OPTS=%START_OPTS% !IP_ACL_OPTS!" IF NOT "!IP_ACL_OPTS!"=="" set "START_OPTS=%START_OPTS% !IP_ACL_OPTS!"
IF NOT "%REMOTE_JMX_OPTS%"=="" set "START_OPTS=%START_OPTS% %REMOTE_JMX_OPTS%" IF NOT "%REMOTE_JMX_OPTS%"=="" set "START_OPTS=%START_OPTS% %REMOTE_JMX_OPTS%"

View File

@ -203,3 +203,8 @@ REM Runtime properties are passed to the security policy file (server\etc\securi
REM You can also tweak via standard JDK files such as ~\.java.policy, see https://s.apache.org/java8policy REM You can also tweak via standard JDK files such as ~\.java.policy, see https://s.apache.org/java8policy
REM This is experimental! It may not work at all with Hadoop/HDFS features. REM This is experimental! It may not work at all with Hadoop/HDFS features.
REM set SOLR_SECURITY_MANAGER_ENABLED=true REM set SOLR_SECURITY_MANAGER_ENABLED=true
REM This variable provides you with the option to disable the Admin UI. if you uncomment the variable below and
REM change the value to true. The option is configured as a system property as defined in SOLR_START_OPTS in the start
REM scripts.
REM set SOLR_ADMIN_UI_DISABLED=false

View File

@ -234,4 +234,7 @@
# You can also tweak via standard JDK files such as ~/.java.policy, see https://s.apache.org/java8policy # You can also tweak via standard JDK files such as ~/.java.policy, see https://s.apache.org/java8policy
# This is experimental! It may not work at all with Hadoop/HDFS features. # This is experimental! It may not work at all with Hadoop/HDFS features.
#SOLR_SECURITY_MANAGER_ENABLED=true #SOLR_SECURITY_MANAGER_ENABLED=true
# This variable provides you with the option to disable the Admin UI. if you uncomment the variable below and
# change the value to true. The option is configured as a system property as defined in SOLR_START_OPTS in the start
# scripts.
# SOLR_ADMIN_UI_DISABLED=false

View File

@ -15,6 +15,13 @@
* limitations under the License. * limitations under the License.
*/ */
package org.apache.solr.servlet; package org.apache.solr.servlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.io.Writer;
import java.nio.charset.StandardCharsets;
import org.apache.commons.io.IOUtils; import org.apache.commons.io.IOUtils;
import org.apache.commons.io.output.CloseShieldOutputStream; import org.apache.commons.io.output.CloseShieldOutputStream;
@ -24,15 +31,6 @@ import org.apache.solr.common.params.CommonParams;
import org.apache.solr.core.CoreContainer; import org.apache.solr.core.CoreContainer;
import org.apache.solr.core.SolrCore; import org.apache.solr.core.SolrCore;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.io.Writer;
import java.nio.charset.StandardCharsets;
/** /**
* A simple servlet to load the Solr Admin UI * A simple servlet to load the Solr Admin UI
* *
@ -40,13 +38,20 @@ import java.nio.charset.StandardCharsets;
*/ */
public final class LoadAdminUiServlet extends BaseSolrServlet { public final class LoadAdminUiServlet extends BaseSolrServlet {
// check system properties for whether or not admin UI is disabled, default is false
private static final boolean disabled = Boolean.parseBoolean(System.getProperty("disableAdminUI", "false"));
@Override @Override
public void doGet(HttpServletRequest _request, public void doGet(HttpServletRequest _request, HttpServletResponse _response) throws IOException {
HttpServletResponse _response) if(disabled){
throws IOException { _response.sendError(404, "Solr Admin UI is disabled. To enable it, change the default value of SOLR_ADMIN_UI_" +
"ENABLED in bin/solr.in.sh or solr.in.cmd.");
return;
}
HttpServletRequest request = SolrDispatchFilter.closeShield(_request, false); HttpServletRequest request = SolrDispatchFilter.closeShield(_request, false);
HttpServletResponse response = SolrDispatchFilter.closeShield(_response, false); HttpServletResponse response = SolrDispatchFilter.closeShield(_response, false);
response.addHeader("X-Frame-Options", "DENY"); // security: SOLR-7966 - avoid clickjacking for admin interface response.addHeader("X-Frame-Options", "DENY"); // security: SOLR-7966 - avoid clickjacking for admin interface
// This attribute is set by the SolrDispatchFilter // This attribute is set by the SolrDispatchFilter