Fcrepo 3919 - Make solr endpoint credentials configurable #200
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… service (fcrepo-exts#191) * replacing ldpath service with XSLT processing solr indexer * no longer need HTTP_URI * added properties for new solr xsl transforms to docker-compose properties file * returning config to original state rather than my dev stack * adding fields to solr xsl --------- Co-authored-by: Dan Field <[email protected]>
whikloj
requested changes
Feb 22, 2024
fcrepo-indexing-solr/src/main/java/org/fcrepo/camel/indexing/solr/SolrRouter.java
Outdated
Show resolved
Hide resolved
whikloj
requested changes
Mar 14, 2024
There was a problem hiding this comment.
It took a bit to get a security.json block working but once it did then it appears that with "blockUnknown": true I could not send records.
To duplicate my infrastructure I used this repository, I checked out the PR
> git fetch origin refs/pull/200/merge
From https://github.com/fcrepo-exts/fcrepo-camel-toolbox
* branch refs/pull/200/merge -> FETCH_HEAD
> git checkout FETCH_HEAD
HEAD is now at 1681ce19 Merge 77d1bc81f081e3cd8718a17f173c6df6900acdc9 into c6f5467ba430b44f960e1c5ea59bf05d83d44df3then I built it with mvn clean install
Then in the docker-compose directory I add a file security.json that contained
{
"authentication":{
"blockUnknown": true,
"class":"solr.BasicAuthPlugin",
"credentials":{
"solr": "IV0EHq1OnNrj6gvRCwvFwTrZ1+z1oBbnQdiVC3otuq0= Ndd7LKvVBAaZIF0QAVi1ekCfAJXr1GGfLtRUXhgrF8c=",
"test-user": "Q41CCgahKHBbz2uxCgtBlWhyCSUAwxP4o7/TqzYWrTg= t6TcXYqbQEWdQhDv2XKXDIDUyHu/KTIJru4XzZUYpgk="
},
"realm":"My Solr users",
"forwardCredentials": false
},
"authorization":{
"class":"solr.RuleBasedAuthorizationPlugin",
"permissions": [
{
"name":"all",
"role":"admin"
}
],
"user-role": {
"solr": "admin",
"test-user": "admin"
}
}}Then I modified the docker-compose.yml to have
diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml
index 8b7850d0..f153ee70 100644
--- a/docker-compose/docker-compose.yml
+++ b/docker-compose/docker-compose.yml
@@ -15,6 +15,8 @@ services:
command:
- solr-precreate
- fcrepo
+ volumes:
+ - "./security.json:/var/solr/data/security.json"
fuseki:
image: atomgraph/fuseki
@@ -25,7 +27,10 @@ services:
- /fcrepo
camel-toolbox:
- image: fcrepo/fcrepo-camel-toolbox:latest
+ build:
+ context: ../
+ dockerfile: Dockerfile
volumes:
- "./camel-toolbox-config:/config"
ports:
Lastly I ran docker-compose up --build -d and once it had built and raised the containers I used the test-user:solrRocks credentials to access the HTML admin site to confirm the credentials work.
fcrepo-indexing-solr/src/main/java/org/fcrepo/camel/indexing/solr/SolrRouter.java
Outdated
Show resolved
Hide resolved
fcrepo-indexing-solr/src/main/java/org/fcrepo/camel/indexing/solr/SolrRouter.java
Outdated
Show resolved
Hide resolved
Alters Thread.onSpinWait to use latch and await to avoid using CPU cycles to wait. Also adds additional debug/trace logging to Solr route Adds the default transform as the default on the property for Solr indexing Adds some additional documentation on Solr indexing.
whikloj
reviewed
Sep 5, 2024
| @@ -1,10 +1,11 @@ | |||
| fcrepo.baseUrl=http://fcrepo:8080/fcrepo/rest | |||
| fcrepo.authHost=fcrepo | |||
| fcrepo.authHost=localhost | |||
There was a problem hiding this comment.
This needs to be fcrepo or authentication against Fedora does not work.
|
This PR works, has a bunch of already committed changes (I'm guessing the Github branch update button) but that also raised an issue with the configuration file noted above. If you could fix that then we can merge this it should be ok (🤞 ) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Make solr endpoint credentials configurable
JIRA Ticket: https://fedora-repository.atlassian.net/jira/software/c/projects/FCREPO/issues/FCREPO-3919?filter=myopenissues
What does this Pull Request do?
Adds configurable username and password properties for HTTP Basic Auth when indexing Solr documents into an auth protected Solr instance
How should this be tested?
Interested parties
Tag (@ mention) interested parties or, if unsure, @fcrepo/committers