Reputation: 1
We set up basic authentication on Solr, but the credentials appear on the Admin Dashboard.
Is there a way to stop a particular JVM argument, i.e. the credentials, from appearing? Or can we stop all JVM arguments from appearing?
Please suggest.
Upvotes: 0
Views: 447
Reputation: 9320
Most likely you specified the login/password as a plain JVM parameter, which is why you can see it on the Admin page.
However, Solr also has the capability to control Basic Auth through a security.json file, which could look like this:
{
  "authentication": {
    "blockUnknown": true,
    "class": "solr.BasicAuthPlugin",
    "credentials": {"solr": "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c="}
  },
  "authorization": {
    "class": "solr.RuleBasedAuthorizationPlugin",
    "permissions": [{"name": "security-edit",
                     "role": "admin"}],
    "user-role": {"solr": "admin"}
  }
}
By doing so, we specified a user with the name solr and a password, which is the base64 encoded string “SolrRocks”. This file should be properly placed either in $SOLR_HOME if you’re using legacy scaling or in ZooKeeper if you’re using SolrCloud.
After doing so, you will have configured Basic Auth, and the password won’t appear in the JVM arguments.
Of course, there are general recommendations: you need to use SSL (by default the password would be sent in plain text), and you also need to protect the security.json file from modification and reading.
For more information, check the official Solr guide.
Upvotes: 1
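An added example, not part of the answer above and not Solr's own code: Solr's BasicAuthPlugin stores each credential as base64(sha256(sha256(salt + password))), a space, then base64(salt), so this sketch generates such an entry for your own password and audits a security.json for the settings the answer relies on. The function names and the weak-password list are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, os

def make_credential(password, salt=None):
    """Build '<b64 hash> <b64 salt>' with hash = sha256(sha256(salt + password))."""
    salt = os.urandom(32) if salt is None else salt
    inner = hashlib.sha256(salt + password.encode("utf-8")).digest()
    digest = hashlib.sha256(inner).digest()
    return base64.b64encode(digest).decode() + " " + base64.b64encode(salt).decode()

def verify(password, credential):
    """Return True if password matches a stored credential string."""
    try:
        stored_hash, salt_b64 = credential.split()
        salt = base64.b64decode(salt_b64, validate=True)
    except ValueError:  # wrong field count or invalid base64
        return False
    candidate = make_credential(password, salt).split()[0]
    return hmac.compare_digest(candidate.encode(), stored_hash.encode())

def audit(security_json, weak_passwords=("SolrRocks",)):
    """Return a list of findings for the text of a security.json file."""
    cfg = json.loads(security_json)
    authn = cfg.get("authentication", {})
    findings = []
    if authn.get("class") != "solr.BasicAuthPlugin":
        findings.append("authentication.class is not solr.BasicAuthPlugin")
    if authn.get("blockUnknown") is not True:
        findings.append("blockUnknown is not true: requests without credentials pass authentication")
    for user, cred in authn.get("credentials", {}).items():
        for pw in weak_passwords:
            if verify(pw, cred):
                findings.append(f"user '{user}' uses the well-known password '{pw}'")
    perms = cfg.get("authorization", {}).get("permissions", [])
    if not any(p.get("name") == "security-edit" and p.get("role") for p in perms):
        findings.append("no role restricts the security-edit permission")
    return findings

if __name__ == "__main__":
    # Constructed sample: a fresh credential for a password of your own choosing.
    entry = make_credential("replace-with-a-long-random-passphrase")
    print(json.dumps({"credentials": {"solr": entry}}, indent=2))
```

Paste the printed credential into the "credentials" object of security.json in place of the documentation sample, and run `audit` on the file text before uploading it to $SOLR_HOME or ZooKeeper.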