• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

CFADMIN Solr Basic Authentication

Explorer ,
Aug 04, 2023 Aug 04, 2023

Copy link to clipboard

Copied

I am trying to use basic authentication with Solr and ColdFusion but am running into 2 issues.

 

I have done the following:

 

 

I tested logging into the Solr Admin: http://127.0.0.1:8993/solr/ using the credentials from the security.json file.  Anonymous access is now prohibited and I am able to authenticate.
 
Next I did the following:
 
  • Login to the CFADMIN.
  • Click the Data & Services icon on the left.
  • Click the Solr Server link in the top navigation.
  • Under Advanced Settings enter the credentials from the security.json file into the User name and Password fields.
  • Click the Submit Changes button.

 

Issue 1: The collections are not available in CFADMIN > Data & Services > ColdFusion Collections.  The error is:

 

Unable to retrieve collections from the Search Services.  Ensure that you have installed ColdFusion Search Service and it is running.

 

Issue 2: When I try to reindex collections the cfcatch detail and message are:

 

It has been configured as http://localhost:8993/solr.  SOLR server is not accessible.

 

So it seems like CFADMIN is not correctly authenticating to Solr.

 

Anyone have any thoughts?

 

Thanks in advance.

 

Views

378

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Aug 07, 2023 Aug 07, 2023

Copy link to clipboard

Copied

I have no idea whether ColdFusion supports using Basic Authentication when connecting to Solr. Unless you need Basic Authentication for some other Solr users outside of CF, I recommend you limit remote access entirely using IP restrictions. You can do that directly on the local machine using whatever firewall software it has.

 

Dave Watts, Eidolon LLC

Dave Watts, Eidolon LLC

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Aug 07, 2023 Aug 07, 2023

Copy link to clipboard

Copied

It seems odd that ColdFusion would provide fields to enter credentials in the Data & Services > Solr Server tab if it was not supported, but maybe I'm missing something.

 

Screenshot 2023-08-07 at 11.50.42 AM.png

 

A security scan at my organization doesn't like that Solr provides information without authentication at the address http://MACHINENAME:8993/solr/.

 

So, would blocking port 8993 to external traffic with a firewall rule prohibit accessing that info?  I don't believe a can edit firewall rules because those are controlled by an Enterprise level IT group ant my organization but if this is the only solution perhaps I can request it.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Aug 07, 2023 Aug 07, 2023

Copy link to clipboard

Copied

LATEST

It does seem odd. But you don't have to worry about it. Blocking external access to that port would make Solr entirely inaccessible to the security scan, and is arguably more secure. I recommend requesting that solution from your IT group.

 

Dave Watts, Eidolon LLC

Dave Watts, Eidolon LLC

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation