Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SOLR-9188: blockUnknown property makes inter-node communication impossible

This commit is contained in:
Noble Paul 2016-08-29 18:38:56 +05:30
parent 213c184a58
commit b3526c568c
4 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
solr/CHANGES.txt
View File

@ -51,6 +51,8 @@ Bug Fixes
to be consistent with other places in Solr. Language names still work for backwards to be consistent with other places in Solr. Language names still work for backwards
compatibility. (Uwe Schindler, Boris Steiner) compatibility. (Uwe Schindler, Boris Steiner)
* SOLR-9188: blockUnknown property makes inter-node communication impossible (noble)
Optimizations Optimizations
---------------------- ----------------------

1
solr/core/src/java/org/apache/solr/security/BasicAuthPlugin.java
View File

@ -71,6 +71,7 @@ public class BasicAuthPlugin extends AuthenticationPlugin implements ConfigEdita
for (Map.Entry<String, Object> e : command.getDataMap().entrySet()) { for (Map.Entry<String, Object> e : command.getDataMap().entrySet()) {
if (PROPS.contains(e.getKey())) { if (PROPS.contains(e.getKey())) {
latestConf.put(e.getKey(), e.getValue()); latestConf.put(e.getKey(), e.getValue());
return latestConf;
} else { } else {
command.addError("Unknown property " + e.getKey()); command.addError("Unknown property " + e.getKey());
} }

1
solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java
View File

@ -302,6 +302,7 @@ public class SolrDispatchFilter extends BaseSolrFilter {
if (authenticationPlugin == null) { if (authenticationPlugin == null) {
return true; return true;
} else { } else {
if( PKIAuthenticationPlugin.PATH.equals(((HttpServletRequest) request).getPathInfo()) ) return true;
//special case when solr is securing inter-node requests //special case when solr is securing inter-node requests
String header = ((HttpServletRequest) request).getHeader(PKIAuthenticationPlugin.HEADER); String header = ((HttpServletRequest) request).getHeader(PKIAuthenticationPlugin.HEADER);
if (header != null && cores.getPkiAuthenticationPlugin() != null) if (header != null && cores.getPkiAuthenticationPlugin() != null)

15
solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
View File

@ -194,7 +194,7 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase {
cloudSolrClient.request(update); cloudSolrClient.request(update);
executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool"); executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool");
String[] toolArgs = new String[]{ String[] toolArgs = new String[]{
"status", "-solr", baseUrl}; "status", "-solr", baseUrl};
ByteArrayOutputStream baos = new ByteArrayOutputStream(); ByteArrayOutputStream baos = new ByteArrayOutputStream();
@ -212,7 +212,7 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase {
log.error("RunExampleTool failed due to: " + e + log.error("RunExampleTool failed due to: " + e +
"; stdout from tool prior to failure: " + baos.toString(StandardCharsets.UTF_8.name())); "; stdout from tool prior to failure: " + baos.toString(StandardCharsets.UTF_8.name()));
} }
executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: false}}", "harry", "HarryIsUberCool"); executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: false}}", "harry", "HarryIsUberCool");
} finally { } finally {
if (cl != null) { if (cl != null) {
HttpClientUtil.close(cl); HttpClientUtil.close(cl);
@ -232,12 +232,21 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase {
Utils.consumeFully(r.getEntity()); Utils.consumeFully(r.getEntity());
} }
public static void verifySecurityStatus(HttpClient cl, String url, String objPath, Object expected, int count) throws Exception { public static void verifySecurityStatus(HttpClient cl, String url, String objPath,
Object expected, int count) throws Exception {
verifySecurityStatus(cl, url, objPath, expected, count, null, null);
}
public static void verifySecurityStatus(HttpClient cl, String url, String objPath,
Object expected, int count, String user, String pwd)
throws Exception {
boolean success = false; boolean success = false;
String s = null; String s = null;
List<String> hierarchy = StrUtils.splitSmart(objPath, '/'); List<String> hierarchy = StrUtils.splitSmart(objPath, '/');
for (int i = 0; i < count; i++) { for (int i = 0; i < count; i++) {
HttpGet get = new HttpGet(url); HttpGet get = new HttpGet(url);
if (user != null) setBasicAuthHeader(get, user, pwd);
HttpResponse rsp = cl.execute(get); HttpResponse rsp = cl.execute(get);
s = EntityUtils.toString(rsp.getEntity()); s = EntityUtils.toString(rsp.getEntity());
Map m = (Map) Utils.fromJSONString(s); Map m = (Map) Utils.fromJSONString(s);