diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt index 9ed4d0a3522..7c762d25407 100644 --- a/solr/CHANGES.txt +++ b/solr/CHANGES.txt @@ -51,6 +51,8 @@ Bug Fixes to be consistent with other places in Solr. Language names still work for backwards compatibility. (Uwe Schindler, Boris Steiner) +* SOLR-9188: blockUnknown property makes inter-node communication impossible (noble) + Optimizations ---------------------- diff --git a/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java b/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java index e3f53a26ae8..49c02d72e0c 100644 --- a/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java +++ b/solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java @@ -71,6 +71,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita for (Map.Entry e : command.getDataMap().entrySet()) { if (PROPS.contains(e.getKey())) { latestConf.put(e.getKey(), e.getValue()); + return latestConf; } else { command.addError("Unknown property " + e.getKey()); } diff --git a/solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java b/solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java index 4a680e5591c..1b8c386911c 100644 --- a/solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java +++ b/solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java @@ -302,6 +302,7 @@ public class SolrDispatchFilter extends BaseSolrFilter { if (authenticationPlugin == null) { return true; } else { + if( PKIAuthenticationPlugin.PATH.equals(((HttpServletRequest) request).getPathInfo()) ) return true; //special case when solr is securing inter-node requests String header = ((HttpServletRequest) request).getHeader(PKIAuthenticationPlugin.HEADER); if (header != null && cores.getPkiAuthenticationPlugin() != null) diff --git a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java index 5cb322fc0f2..f0d8b604d03 100644 --- a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java +++ b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java @@ -194,7 +194,7 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase { cloudSolrClient.request(update); - executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool"); + executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool"); String[] toolArgs = new String[]{ "status", "-solr", baseUrl}; ByteArrayOutputStream baos = new ByteArrayOutputStream(); @@ -212,7 +212,7 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase { log.error("RunExampleTool failed due to: " + e + "; stdout from tool prior to failure: " + baos.toString(StandardCharsets.UTF_8.name())); } - executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: false}}", "harry", "HarryIsUberCool"); + executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: false}}", "harry", "HarryIsUberCool"); } finally { if (cl != null) { HttpClientUtil.close(cl); @@ -232,12 +232,21 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase { Utils.consumeFully(r.getEntity()); } - public static void verifySecurityStatus(HttpClient cl, String url, String objPath, Object expected, int count) throws Exception { + public static void verifySecurityStatus(HttpClient cl, String url, String objPath, + Object expected, int count) throws Exception { + verifySecurityStatus(cl, url, objPath, expected, count, null, null); + } + + + public static void verifySecurityStatus(HttpClient cl, String url, String objPath, + Object expected, int count, String user, String pwd) + throws Exception { boolean success = false; String s = null; List hierarchy = StrUtils.splitSmart(objPath, '/'); for (int i = 0; i < count; i++) { HttpGet get = new HttpGet(url); + if (user != null) setBasicAuthHeader(get, user, pwd); HttpResponse rsp = cl.execute(get); s = EntityUtils.toString(rsp.getEntity()); Map m = (Map) Utils.fromJSONString(s);