Current user is not authenticated! Security panel is disabled.

 You do not have permission to view the security panel.

 WARNING: Security is not enabled for this server!

Use the bin/solr auth command-line tool to enable security and then reload this panel. For more information, see: Using security.json with Solr


Example usage of bin/solr auth to enable basic authentication:



        bin/solr auth enable -type basicAuth -prompt true -z {{zkHost}} -blockUnknown true

Create a security.json config file in your Solr home directory and then restart Solr (on all nodes). For more information, see: Using security.json with Solr

Security Settings

TLS enabled? Authentication Plugin: {{authenticationPlugin}}

When using the MultiAuthPlugin, changes made to Users and Roles, using the panels below, only affect Basic authentication.

Users and Roles for the other authentication schemes, such as the Bearer scheme (JWTAuthPlugin), are managed by an external provider. Thus, not all users with access to the system are displayed below; only users managed by the BasicAuthPlugin are displayed on this screen.

Authorization Plugin: {{authorizationPlugin}}

If checked, un-authenticated requests to any Solr endpoint are blocked. If un-checked, then any endpoint that is not protected with a permission will be accessible by anonymous users. Only disable this check if you want to allow un-authenticated access to specific endpoints that are configured with role: null. All other endpoints should be protected with explicit role bindings that require authentication. For more information, see:

Basic Authentication

If checked, Solr forwards user credentials when making distributed requests to other nodes in the cluster. If un-checked (the default), Solr will use the internal PKI authentication mechanism for distributed requests. For more information, see:

PKIAuthenticationPlugin

 {{securityAPIError}}

{{userDialogHeader}}

{{validationError}}

{{roleDialogHeader}}

{{validationError}}

{{permDialogHeader}}

For requests where multiple permissions match, Solr applies the first permission that matches based on a complex ordering logic. In general, more specific permissions should be listed earlier in the configuration. The permission index (1-based) governs its position in the configuration. To re-order a permission, change the index to desired position.

Permission Ordering and Resolution

or Custom:

Permissions allow you to grant access to protected resources to one or more roles. Solr provides a list of predefined permissions to cover common use cases, such as collection administration. Otherwise, you can define a custom permission for fine-grained control over the API path(s), collection(s), request method(s) and params.

Rule-based Authorization :: Permissions

GET
POST
PUT
DELETE
 = 

{{validationError}}

Users

 Users are managed by an external provider.

Filter users by: 
Username Roles
{{u.username}} {{displayList(u.roles)}}

Roles

 Roles are managed by an external provider.

Filter roles by: 
Role Users
{{r.name}} {{displayList(r.users)}}

Permissions

Filter permissions by: 
Name Roles Collection Path Method Params
{{p.name}} {{displayRoles(p.roles)}} {{p.collectionNames}} {{displayList(p.paths)}} {{displayList(p.method)}} {{displayParams(p.params)}}
{{w}}