我是新的Solr,我已经部署了一个4个节点的SolrCloud集群,其中3个节点的外部zookeeper。我将security.json文件部署到zookeper,它限制了对集群的访问。我有2个用户(admin,user1)。
{
"authentication":{
"blockUnknown":true,
"class":"solr.BasicAuthPlugin",
"credentials":{
"admin”:”asdjboagsdbpnabojfm”,
"user1”:”jsidafhoihda0idfhnasndi”},
"":{"v":15}},
"authorization":{
"class":"solr.RuleBasedAuthorizationPlugin",
"permissions":[
{
"name":"all",
"role":"admin",
"index":1},
{
"name":"security-edit",
"role":"admin",
"index":2},
{
"name":"read",
"role":"dev",
"index":3},
{
"name":"update",
"role":"dev",
"index":4},
{
"name":"collection-admin-read",
"role":"dev",
"index":5},
{
"name":"config-read",
"role":"dev",
"index":6}],
"user-role":{
"admin":[
"admin",
"dev"],
"user1":["dev"]},
"":{"v":39}}
}
当我尝试以下网址时,
curl -u admin:password -k -s "https://solrcloud-01.dfw.3mhis.vm:8080/solr/test/admin/ping?wt=json&indent=on"
注意:test是2个分片的集合,每个分片上有1个复制。
我得到“200状态正常”回复,但是当我尝试user1时,它会给我未经授权的请求。我在这做错了什么。
solr版本也是6,其中ping是根据https://cwiki.apache.org/confluence/display/solr/Implicit+RequestHandlers提供的隐式可用端点之一
答案 0 :(得分:0)
基本上我给了security.json
以下的许可{ "path":"/admin/ping",
"role":"dev",
"index":7
}