John Fawcett
2020-Nov-13 20:56 UTC
dovecot fts-solr + solr 8.7.0 upgrade: "Indexing failed: 401 Unauthorized" + "Transaction commit failed: FTS transaction commit failed: backend deinit" ?
On 13/11/2020 21:32, PGNet Dev wrote:> On 11/13/20 11:37 AM, John Fawcett wrote: >>> still dunno why the 401. :-/ >> >> So I just did a quick check of running dovecot with a standalone >> solr-8.7.0 instance and I'm not seeing any issues. > > +1 > >> I confirm I haven't configured anything for indexer or indexer-worker in >> dovecot, just left the defaults. > > +1 > >> For 401's returned from your solr server you'll need to look into how >> you set up authentication. > > FOUND & *avoided* the silly problem.? yay.? TBD what a 'fix' looks like. > > the issue's a mis-handled, URL-encoded "@" in my basicAuth 'pass' > string, as used in fts_solr > > my security config included > > ????solr/data/security.json > ??????? { > ??????????? "authentication":{ > ??????????????? "blockUnknown": true, > ??????????????? "class":"solr.BasicAuthPlugin", > ??????????????? "credentials":{ > ??????????????????? "myuser":"my at pass" > ??????????????? }, > ??????????????? "realm":"My REALM", > ??????????????? "forwardCredentials": false > ??????????? }, > ??????????? "authorization":{ > ??????????????? "class":"solr.RuleBasedAuthorizationPlugin", > ??????????????? "permissions":[{ > ??????????????????? "name":"security-edit", > ??????????????????? "role":"admin" > ??????????????? }], > ??????????????? "user-role":{ > ??????????????????? "solr":"admin" > ??????????????? } > ??????????? } > ??????? } > > and > > ????/etc/default/solr.in.sh > ??????? ... > ??????? SOLR_AUTH_TYPE=basic > ??????? SOLR_AUTHENTICATION_OPTS="-Dbasicauth=myuser:my at pass" > > and > > ????dovecot/conf.d/10-master.cf > > ??????? fts_solr > url=https://"myuser":"my%40pass"@solr.example.com:8984/solr/dovecot/ > use_libfts soft_commit=yes batch_size=250 > > changing all > > -??? my at pass > +??? my_pass > > so that > > ??????? fts_solr > url=https://"myuser":"my_pass"@solr.example.com:8984/solr/dovecot/ > use_libfts soft_commit=yes batch_size=250 > > does the trick.? fts/solr is indexing, solr's logging the activity, > and there appear to be no more perms/auth/access errors.I guess you didn't need to enclose username and password in quotes, i.e. fts_solr url=https://myuser:my%40pass at solr.example.com:8984/solr/dovecot/ use_libfts soft_commit=yes batch_size=250 John
PGNet Dev
2020-Nov-13 21:04 UTC
dovecot fts-solr + solr 8.7.0 upgrade: "Indexing failed: 401 Unauthorized" + "Transaction commit failed: FTS transaction commit failed: backend deinit" ?
> I guess you didn't need to enclose username and password in quotes, i.e. > > fts_solr > url=https://myuser:my%40pass at solr.example.com:8984/solr/dovecot/ > use_libfts soft_commit=yes batch_size=250On 11/13/20 12:56 PM, John Fawcett wrote:> I guess you didn't need to enclose username and password in quotes, i.e.>> fts_solr > url=https://myuser:my%40pass at solr.example.com:8984/solr/dovecot/> use_libfts soft_commit=yes batch_size=250heh, quotes weren't the 1st thing I tried! here, use of the the '%40' encoding -- with or without single or dubl quotes -- causes the perms errors I was seeing. nbd, as I just rm need-to-escape chars from my random-pass-str generator snippet. simple enough workaround, once I realized ...
John Fawcett
2020-Nov-13 21:30 UTC
dovecot fts-solr + solr 8.7.0 upgrade: "Indexing failed: 401 Unauthorized" + "Transaction commit failed: FTS transaction commit failed: backend deinit" ?
On 13/11/2020 22:04, PGNet Dev wrote:>> I guess you didn't need to enclose username and password in quotes, i.e. >> >> fts_solr >> url=https://myuser:my%40pass at solr.example.com:8984/solr/dovecot/ >> use_libfts soft_commit=yes batch_size=250 > > On 11/13/20 12:56 PM, John Fawcett wrote: > >> I guess you didn't need to enclose username and password in quotes, i.e. > >> > >> fts_solr > >> url=https://myuser:my%40pass at solr.example.com:8984/solr/dovecot/ > >> use_libfts soft_commit=yes batch_size=250 > > > heh, quotes weren't the 1st thing I tried! > > > > here, use of the the '%40' encoding -- with or without single or dubl > quotes -- causes the perms errors I was seeing. > > > > nbd, as I just rm need-to-escape chars from my random-pass-str > generator snippet. > > > > simple enough workaround, once I realized ... > > > > >it looks like there's a parsing error so that rfc3986 compliant %encoding in the user or password field of the url is not accepted by Dovecot. John
Apparently Analagous Threads
- dovecot fts-solr + solr 8.7.0 upgrade: "Indexing failed: 401 Unauthorized" + "Transaction commit failed: FTS transaction commit failed: backend deinit" ?
- dovecot fts-solr + solr 8.7.0 upgrade: "Indexing failed: 401 Unauthorized" + "Transaction commit failed: FTS transaction commit failed: backend deinit" ?
- dovecot fts-solr + solr 8.7.0 upgrade: "Indexing failed: 401 Unauthorized" + "Transaction commit failed: FTS transaction commit failed: backend deinit" ?
- dovecot fts-solr + solr 8.7.0 upgrade: "Indexing failed: 401 Unauthorized" + "Transaction commit failed: FTS transaction commit failed: backend deinit" ?
- v2.3.11.3 solr plugin search via MUA fails to match accented ascii characters; cmd line exec of `doveadm fts lookup` PANICs (assertion failed)