I want to create a read only user for my Solr-Cloud-Cluster. For this I create a new security.json file an uploaded into me zookeeper server. But the user solr can do selects/inserts, but the SOLRREAD user only insert. I want that the SOLRREAD user can only read a collection, but not write into it.
Solr 5.5.0
Do you know whats wrong?
/usr/iop/4.2.0.0/solr/server/scripts/cloud-scripts/zkcli.sh -zkhost bdmstd001.zit.com:2181 -cmd put /solr/security.json '
{
"authentication": {
"blockUnknown": true,
"class": "solr.BasicAuthPlugin",
"credentials": {
"solr": "Some hash",
"SOLRREAD": "Some hash"
}
},
"":{"v":3},
"authorization": {
"class": "solr.RuleBasedAuthorizationPlugin",
"user-role": {
"solr": "admin",
"SOLRREAD" : "dev"
},
"permissions": [
{
"role": "dev",
"name": "collection-admin-read",
},
{
"role": "admin",
"name": "collection-admin-edit",
}
]
}
}
'
Related
I am new to Solr and am trying to add the Suggest Search Component via the Config API.
My Solr 9.0.0 setup is as follows:
bin/solr start -e cloud with _default config
Add the search component with a POST request to http://localhost:8983/api/collections/collection_name/config:
{
"add-searchcomponent": {
"name": "suggest",
"class": "solr.SuggestComponent",
"lookupImpl": "FuzzyLookupFactory",
"dictionaryImpl": "DocumentDictionaryFactory",
"field": "name",
"suggestAnalyzerFieldType": "string",
"buildOnStartup": "false"
}
}
Until here everything is fine and I receive a responseHeader with status 0.
Add the request handler with a POST request to http://localhost:8983/api/collections/collection_name/config:
{
"add-requesthandler": {
"name": "/suggest",
"class": "solr.SearchHandler",
"defaults": {
"suggest": "true",
"rows": "10"
},
"components": "suggest"
}
}
In step 3 I receive a responseHeader with status 500 and the following error message:
1 out of 2 the property overlay to be of version 4 within 30 seconds! Failed cores: [http://localhost:8983/solr/collection_name1_replica_n1/]
What am I doing wrong?
I could solve it. My error was not adding “components” in the add-requesthandler as an array.
original:
{
"add-requesthandler": {
"name": "/suggest",
"class": "solr.SearchHandler",
"defaults": {
"suggest": "true",
"rows": "10"
},
"components": "suggest"
}
}
correct:
{
"add-requesthandler": {
"name": "/suggest",
"class": "solr.SearchHandler",
"defaults": {
"suggest": "true",
"rows": "10"
},
"components": [“suggest"]
}
}
I am new to Solr and am trying to add the Suggest Search Component via the Config API.
My Solr 9.0.0 setup is as follows:
bin/solr start -e cloud with _default config
Index a csv with bin/post -c collection_name file_path/file.csv
Add the search component with a POST request to http://localhost:8983/api/collections/collection_name/config:
{
"add-searchcomponent": {
"name": "suggest",
"class": "solr.SuggestComponent",
"lookupImpl": "FuzzyLookupFactory",
"dictionaryImpl": "DocumentDictionaryFactory",
"field": "name",
"suggestAnalyzerFieldType": "string",
"buildOnStartup": false
}
}
Add the request handler with a POST request to http://localhost:8983/api/collections/collection_name/config:
{
"add-requesthandler": {
"name": "/suggest",
"startup": "lazy",
"class": "solr.SearchHandler",
"defaults": {
"suggest": true,
"suggest.count": 10
},
"components": ["suggest"]
}
}
This works fine and my configoverlay.json looks as follows:
{
"props":{"updateHandler":{"autoSoftCommit":{"maxTime":3000}}},
"searchComponent":{"suggest":{
"name":"suggest",
"class":"solr.SuggestComponent",
"lookupImpl":"FuzzyLookupFactory",
"dictionaryImpl":"DocumentDictionaryFactory",
"field":"name",
"suggestAnalyzerFieldType":"string",
"buildOnStartup":false}},
"requestHandler":{"/suggest":{
"name":"/suggest",
"startup":"lazy",
"class":"solr.SearchHandler",
"defaults":{
"suggest":true,
"suggest.count":10},
"components":["suggest"]}}}
But if I send the request http://localhost:8983/solr/collection_name/suggest?suggest.dictionary=suggest&q=J&suggest.build=true I receive the following error:
{
"responseHeader": {
"zkConnected": true,
"status": 400,
"QTime": 3
},
"error": {
"metadata": [
"error-class",
"org.apache.solr.common.SolrException",
"root-error-class",
"org.apache.solr.common.SolrException"
],
"msg": "No suggester named suggest was configured",
"code": 400
}
}
I could imagine it has something to do with the naming of the search component, as there are two distinct names as defined in the docs. There is a "searchComponent name" and a "name" parameter, but I don't now how to manipulate the "searchComponent name".
I have found this and this post on a similar error, but both posts are about the suggest.dictionary not being configured which is not the case in my situation.
Any help on what I am doing wrong is greatly appreciated.
One SuggestComponent can use multiple dictionaries, so you have to define them in a list and specify a name explicitly for each one.
Note also that buildOnStartup expects a string.
{
"add-searchcomponent": {
"name": "suggest",
"class": "solr.SuggestComponent",
"suggester": [{
"name": "fuzzy",
"lookupImpl": "FuzzyLookupFactory",
"dictionaryImpl": "DocumentDictionaryFactory",
"field": "name",
"suggestAnalyzerFieldType": "string",
"buildOnStartup": "false"
}]
}
}
Which you can query with .../suggest?suggest.dictionary=fuzzy&q=J&suggest.build=true
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Installing CloudAuth Application in Ubuntu 18.04 LTS",
"Parameters": {
"secretname": {
"Type": "String",
"Description": "A descriptive name that helps you find your secret later"
},
"myuser": {
"Type": "String",
"Description": "Enter existing user name"
}
},
"Resources": {
"myaccesskey": {
"Type": "AWS::IAM::AccessKey",
"Properties": {
"UserName": {
"Ref": "myuser"
}
}
},
"mysecrets": {
"Type": "AWS::SecretsManager::Secret",
"Properties": {
"Name": {
"Ref": "secretname"
},
"SecretString": "{\"Access_Key\":\"${myaccesskey}\",\"Secret_Key\":\"${myaccesskey.SecretAccessKey}\"}"
}
}
}
}
From my understanding, you are trying to pass the Access Key and Secret Key to the secret string of Secrets manager resources.
Instead of using:
"SecretString":
"{"Access_Key":"${myaccesskey}","Secret_Key":"${myaccesskey.SecretAccessKey}"}"
Try the following format(Fn::Sub function):
SecretString: !Sub '{ "access_key": "${AccessKey}",
"secret_key": "${AccessKey.SecretAccessKey}" }'
I used the YAML format for the stack creation.
I referred to this documentation to make a POST request.
Below is the error while making a POST request to create a conditional access policy
{
"message": "There was an internal server error while processing the request. Error ID: 2dbb1530-4ce6-44f5-9c63-08de28d7218a",
"innerError": {
"request-id": "2dbb1530-4ce6-44f5-9c63-08de28d7218a"
}
}
Payload being passed with the request is below:
{
"displayName": "Test Policy",
"state": "enabled",
"conditions": {
"clientAppTypes": ["modern", "browser"],
"applications": {
"includeApplications": ["None"]
},
"users": {
"includeUsers": [
"08290005-23ba-46b4-a377-b381d651a2fb"
]
},
"locations": {
"includeLocations": ["All"],
"excludeLocations": ["AllTrusted"]
}
},
"grantControls": {
"operator": "OR",
"builtInControls": ["approvedApplication"]
}
}
I've tried using this endpoint to get a policy:
https://graph.microsoft.com/beta/{tenant_id}/conditionalAccess/policies
Which successfully returns an existing policy. However, the above POST request is not working.
The "approvedApplication" requirement only supports the iOS and Android for device platform condition. See details here.
You need to add "includePlatforms" iOS and android into the json body.
{
"displayName": "Test Policy",
"state": "enabled",
"conditions": {
"clientAppTypes": ["modern", "browser"],
"applications": {
"includeApplications": ["None"]
},
"users": {
"includeUsers": [
"08290005-23ba-46b4-a377-b381d651a2fb"
]
},
"platforms": {
"includePlatforms": [
"iOS", "android"
]
},
"locations": {
"includeLocations": ["All"],
"excludeLocations": ["AllTrusted"]
}
},
"grantControls": {
"operator": "OR",
"builtInControls": ["approvedApplication"]
}
}
I have successfully installed tilestache. I also has succesfully add a layer using shapefile from here. But when I tried to use my own shapefile, the server always return empty featurecollection. I have tried to add ST_Transform() in the query but still return empty feature.
My config file:
{
"cache":
{
"name": "Test",
"path": "/tmp/stache",
"umask": "0000"
},
"layers":
{
"osm-processed_p1": {
"allowed origin": "*",
"provider": {
"class": "TileStache.Goodies.VecTiles:Provider",
"kwargs": {
"dbinfo": {
"host": "127.0.0.1",
"user": "postgres",
"database": "ts_data"
},
"queries": [
"SELECT gid, geom AS __geometry__ FROM osm.kalimantan"
]
}
}
}
}
}
How can I fix this?