SolrCommitter does not support Solr behind Basic Auth

[douglas-andrew-harley]

After overcoming my previous bad certs issues (https://github.com/Norconex/committer-solr/issues/13) I was still stuck with the fact that I couldn't commit docs to a SolrCloud cluster that lives behind an NGINX basic auth-secured reverse proxy. I tried specifying the username/password in the Solr URL, like this: https://'my_user:my_user's_crazy_pa55wurd!'@my_solr_host/solr/my_collection

...and also adding authUsername/authPassword to the httpClientFactory (that is only used by the HTTP Collector apparently):

<httpClientFactory>
        <connectionTimeout>${connectionTimeout}</connectionTimeout>
        <maxConnections>${maxConnections}</maxConnections>
        <authMethod>basic</authMethod>
        <authUsername>my_user</authUsername>
        <authPassword>my_user's_crazy_pa55wurd!</authPassword >
</httpClientFactory>

...but neither approach worked. In the end, in order to get around this issue, I had to add a special location to my NGINX reverse-proxy config to allow unauthenticated access to Solr from only the host my crawler runs on:

location /crawler-access/solr/ {
    allow       10.12.9.174;
    deny        all;

    proxy_pass https://my_solr_host:8983/solr/;

    # shared proxy settings
    include /etc/nginx/solr_proxy.conf;
}

It would be great if authetication support could be added to the SolrCommitter, but until then the NGINX workaround is fine.

Thanks, Doug

[essiembre]

You are correct stating it won't work with httpClientFactory, as this option is for authenticating to websites you crawl. It would be useful to add basic authentication support so I am marking as a feature request.

In the meantime, I am not sure how well you know your Java, but the SolrCommitter class takes an optional ISolrServerFactory argument where you can control how the SolrClient is built.

[essiembre]

Basic auth now supported in the latest release.