Jetty - 401 Unauthorized when using basic authentication
Posted
by
JP.
on Server Fault
See other posts from Server Fault
or by JP.
Published on 2013-11-10T05:40:35Z
Indexed on
2013/11/10
9:58 UTC
Read the original article
Hit count: 617
I am running SOLR on jetty in Ubuntu (a bitnami VM, if that helps) and am trying to lock down access to both the admin pages and the update/delete/etc. pages using basic authentication.
When I attempt to connect to the admin console via a web browser I am prompted for a user name and password, but the username and password I use simply does not work. For test purposes I am using foo:bar as the credentials, but I receive a '401 Unauthorized' response. I see the following in my request log.
127.0.0.1 - - [10/Nov/2013:05:35:46 +0000] "GET /solr/ HTTP/1.1" 401 1376
Am I doing something wrong and/or is there anything obviously incorrect with the below configuration? Any help is greatly appreciated.
Jetty.xml
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">solr</Set>
<Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set>
<Set name="refreshInterval">5</Set>
</New>
</Arg>
</Call>
/etc/realm.properties
foo: bar, solr_admin
webdefault.xml
<security-constraint>
<web-resource-collection>
<url-pattern>/</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>solr_admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>solr</realm-name>
</login-config>
© Server Fault or respective owner
