Support Questions

dlu · ‎08-03-2018

Hi,

I want to create a read only user for my Solr-Cloud-Cluster. For this I create a new security.json file an uploaded into me zookeeper server. But the user solr can do selects/inserts, but the SOLRREAD user only insert. I want that the SOLRREAD user can only read a collection, but not write into it.

Do you know whats wrong?

/usr/iop/4.2.0.0/solr/server/scripts/cloud-scripts/zkcli.sh -zkhost bdmstd001.zit.commerzbank.com:2181 -cmd put /solr/security.json '
{
  "authentication": {
   "blockUnknown": true,
    "class": "solr.BasicAuthPlugin",
    "credentials": {
      "solr": "Some hash",
      "SOLRREAD": "Some hash"
    }
  },
    "":{"v":3}},
  "authorization": {
    "class": "solr.RuleBasedAuthorizationPlugin",
    "user-role": {
      "solr": "admin",
     "SOLRREAD" : "dev"
    },
    "permissions": [
      {
        "role": "dev",
        "name": "collection-admin-read",
      },
      {
        "role": "admin",
        "name": "collection-admin-edit",
      }
    ]
  }
}
'

falbani · ‎08-09-2018

@Dominik Ludwig Have you consider using ranger solr plugin? Perhaps this might help you set authorization in each collection.

Support Questions

Create Solr readonly user