Authentication

  1. Create a new security.json file to create unique credentials for each customer to avoid security flags. To create a new username and password follow section Security.json configuration changes.
  2. Copy the security.json created with new credentials and paste/store it in the path mentioned below:

    e.g., C:\ solr-8.11.2\security.json

  3. Upload the security.json file to the ZooKeeper instance. Open Command Prompt as Administrator, Navigate to SOLR_HOME\bin and execute the below command to upload configuration file to ZooKeeper:
    solr zk cp <Security JSON PATH> zk:/security.json -z <IP>:<ZooKeeper Port>
e.g. –
solr zk cp C:\solr-8.11.2\security.json zk:/security.json -z 1x.xx.xx.x1:9983
    Note:
    This will create a Username and Password.
    Figure 1. Installation of SOLR without HA - Authentication (Cont.)
  4. For the following points, use the username and password created wherever applies.
  5. Execute the below APIs in browser to ensure that Solr is running with authentication and authorization enabled.
    • http://<IP>:<SOLRPORT>/solr/admin/authentication

    • http://<IP>:<SOLRPORT>/solr/admin/authorization

  6. Enter the username configured in security.json file and password configured in security.json file when prompted on browser. If the message “authorization.enabled”:true is displayed, it confirms that authorization has been enabled successfully.
    {
"responseHeader”: {
"status":0,
"QTime":0},
"authorization.enabled":true,
"authorization”: {
"class":"solr.RuleBasedAuthorizationPlugin",
"User-role”: {"USERNAME":"admin"},
"permissions”: [{
"name":"security-edit",
"role":"admin"}]}}
  7. If the message “authentication.enabled”:true is displayed, it confirms that authentication has been enabled successfully.
    {
"responseHeader”: {
"status":0,
"QTime":3},
"authentication.enabled":true,
"authentication”: {
"class":"solr.BasicAuthPlugin",
"credentials”: {"USERNAME":"HASHED KEY"}}}
  8. Execute the below API as POST request on any of rest clients such as Postman or Curl. Select Basic Authentication and provide Username and Password as created in above steps under Authorization tab. This creates a new user with Username to be further used as <user_name> in credentials.
    • http://<IP>:<SOLRPORT>/solr/admin/authentication
  9. In basic authentication, use the credentials below:
    • Username: “Enter the USERNAME Configured in security.json file”
    • Password: “Enter the PASSWORD Configured in security.json file”
    • In Body tab, select input as Raw JSON (application/json) and provide the below input.
    {
"set-user": {"<user-name> “: "<password>" }
}
e.g. –
This will create user with username and password
  10. Now, a Solr user has been created with UserName and Password that was mentioned in above step set-user.
    Figure 2. Installation of SOLR without HA - Authentication (Cont.)
    A screenshot of a computer Description automatically generated
  11. Execute the below API as POST request in any of rest client such as Postman or Curl and Select Basic Authentication with Username as “Enter the USERNAME Configured in security.json file” and Password as “Enter the PASSWORD Configured in security.json file” under Authorization tab and set the user role using Post request with the URL specified below:
  12. This step will provide admin rights to the user which will be mentioned in <username> tab.
    • http://<IP>:<SOLRPORT>/solr/admin/authorization
  13. Enter the respective IP and Solr Port.
  14. In the Body tab, select input as raw JSON (application/json) and provide the below input. Provide the username that was created using set-user.
    {“set-user-role": {"<user-name> “: ["admin"]}}
  15. Execute the below API as POST request in any of rest client such as Postman or Curl and Select Basic Authentication with Username as “Enter the USERNAME Configured in security.json file” and Password as “Enter the PASSWORD Configured in security.json file” and this step will set the user permission.
  16. Enter the respective IP and Solr Port.
    • http://<IP>:<SOLRPORT>/solr/admin/authorization
  17. In the Body tab, select input as raw JSON (application/json) and provide the below input.
    {
"Set permission": {“name":"all","role": "admin"}
}
  18. Open the Command Prompt as Administrator, navigate to SOLR_HOME\bin, and run the command below:
    solr stop -p <port of solr>