SOLR-8053: Basic auth support in SolrJ

git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1703145 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Noble Paul 2015-09-15 10:45:30 +00:00
parent 100a783ab2
commit fdefc995f9
4 changed files with 48 additions and 14 deletions

View File

@ -157,6 +157,8 @@ New Features
system statistics on IBM J9 virtual machines. It also no longer fails on Java 9
with Jigsaw module system. (Uwe Schindler)
* SOLR-8053: Basic auth support in SolrJ (noble)
Bug Fixes
----------------------

View File

@ -18,6 +18,7 @@ package org.apache.solr.security;
*/
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@ -35,6 +36,7 @@ import org.apache.http.message.AbstractHttpMessage;
import org.apache.http.message.BasicHeader;
import org.apache.http.util.EntityUtils;
import org.apache.solr.client.solrj.SolrRequest;
import org.apache.solr.client.solrj.SolrServerException;
import org.apache.solr.client.solrj.embedded.JettySolrRunner;
import org.apache.solr.client.solrj.impl.CloudSolrClient;
import org.apache.solr.client.solrj.impl.HttpSolrClient;
@ -163,19 +165,19 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase {
} catch (HttpSolrClient.RemoteSolrException e) {
}
cloudSolrClient.request(new CollectionAdminRequest.Reload()
.setCollectionName(defaultCollName)
.setBasicAuthCredentials("harry", "HarryIsUberCool"));
/* httpPost = new HttpPost(baseUrl + "/admin/authorization");
setBasicAuthHeader(httpPost, "harry", "HarryIsUberCool");
httpPost.setEntity(new ByteArrayEntity(Utils.toJSON(singletonMap("delete-permission", "collection-admin-edit"))));
r = cl.execute(httpPost); //cleanup so that the super class does not need to pass on credentials
try {
cloudSolrClient.request(new CollectionAdminRequest.Reload()
.setCollectionName(defaultCollName)
.setBasicAuthCredentials("harry", "Cool12345"));
fail("This should not succeed");
} catch (HttpSolrClient.RemoteSolrException e) {
}
for (Slice slice : zkStateReader.getClusterState().getCollection(defaultCollName).getSlices()) {
//ensure that all nodes have removed the collection-admin-edit permission
for (Replica replica : slice.getReplicas()) {
baseUrl = replica.getStr(BASE_URL_PROP);
verifySecurityStatus(cl, baseUrl + "/admin/authorization", "authorization/permissions[2]/name", null, 20);
}
}*/
}
public static void verifySecurityStatus(HttpClient cl, String url, String objPath, Object expected, int count) throws Exception {

View File

@ -46,6 +46,21 @@ public abstract class SolrRequest<T extends SolrResponse> implements Serializabl
private StreamingResponseCallback callback;
private Set<String> queryParams;
private String basicAuthUser, basicAuthPwd;
public SolrRequest setBasicAuthCredentials(String user, String password) {
this.basicAuthUser = user;
this.basicAuthPwd = password;
return this;
}
public String getBasicAuthUser(){
return basicAuthUser;
}
public String getBasicAuthPassword(){
return basicAuthPwd;
}
//---------------------------------------------------------
//---------------------------------------------------------

View File

@ -51,6 +51,7 @@ import org.apache.solr.common.SolrException;
import org.apache.solr.common.params.CommonParams;
import org.apache.solr.common.params.ModifiableSolrParams;
import org.apache.solr.common.params.SolrParams;
import org.apache.solr.common.util.Base64;
import org.apache.solr.common.util.ContentStream;
import org.apache.solr.common.util.ExecutorUtil;
import org.apache.solr.common.util.NamedList;
@ -61,6 +62,7 @@ import org.slf4j.MDC;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.ConnectException;
import java.net.SocketTimeoutException;
import java.nio.charset.StandardCharsets;
@ -75,6 +77,8 @@ import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Future;
import static java.nio.charset.StandardCharsets.UTF_8;
/**
* A SolrClient implementation that talks directly to a Solr server via HTTP
*
@ -230,8 +234,19 @@ public class HttpSolrClient extends SolrClient {
return request(request, processor, null);
}
public NamedList<Object> request(final SolrRequest request, final ResponseParser processor, String collection) throws SolrServerException, IOException {
return executeMethod(createMethod(request, collection),processor);
public NamedList<Object> request(final SolrRequest request, final ResponseParser processor, String collection)
throws SolrServerException, IOException {
HttpRequestBase method = createMethod(request, collection);
setBasicAuthHeader(request, method);
return executeMethod(method, processor);
}
private void setBasicAuthHeader(SolrRequest request, HttpRequestBase method) throws UnsupportedEncodingException {
if (request.getBasicAuthUser() != null && request.getBasicAuthPassword() != null) {
String userPass = request.getBasicAuthUser() + ":" + request.getBasicAuthPassword();
String encoded = Base64.byteArrayToBase64(userPass.getBytes(UTF_8));
method.setHeader(new BasicHeader("Authorization", "Basic " + encoded));
}
}
/**