Author: Aaron

It’s always frustrated me that the basic list option for collections in Solr doesn’t provide any information beyond collection names.

http "https://solr.aaronwalker.dev:8983/solr/admin/collections?action=LIST"

Recently I sat down with jq (and google) to figure out how to get a collection list from Solr with basic configuration details, like the configuration name for each collection.

http "https://solr.aaronwalker.dev:8983/solr/admin/collections?action=CLUSTERSTATUS" \
| jq '.cluster.collections | to_entries | map({collection: .key , configName: .value.configName})|sort'

This code retrieves a detailed set of information on the cluster using CLUSTERSTATUS, then uses jq to extract the collection list, create an array (one object per collection) from that list and extract the collection names and configuration names, then sorts the array.

The key piece that had eluded me was the “to_entries” function in jq that transforms the collections object into an array. Searching for “jq nested objects” finally found a discussion that helped me to understand how I could extract the pieces I needed and put them together.

References:

By default, Solr has no Authentication or Authorization configured which is convenient for development but dangerous for deployment. Once a Solr cluster has been configured to limit access via Authentication and Authorization, credentials are required for any access of the system.

However, it is possible to restrict access to most features of a Solr cluster while leaving specific endpoints available for anonymous use.

Allowing Anonymous Access to Solr

First, you need to allow anonymous access to Solr by disabling the blockUnknown configuration parameter using the Authentication API. Simply set blockUnknown to false using the authentication endpoint on the instance:

echo '{"set-property": {"blockUnknown":false}}' | http 'https://solr.aaronwalker.dev:8983/solr/admin/authentication'

Once this is disabled, anonymous users can make requests to the Solr instance.

Granting Anonymous Users Access to Specific Endpoints

Explicit access must be granted to endpoints before anonymous users can use those endpoints as the existing Authorization configuration will likely block them.

For example, setting the following permission configuration using the Authorization API will grant anonymous users access to the “select” endpoint by specifying the special “null” role.

{
  "set-permission": {
    "name": "anonymous_select",
    "path": "/select/*",
    "role": null
  }
}

echo '{"set-permission": {"name": "anonymous_select","path": "/select/*","role": null}}' | http 'https://solr.aaronwalker.dev:8983/solr/admin/authorization'