Skip to content

Instantly share code, notes, and snippets.

@dasgoll

dasgoll/solr_pw_hash.md

Forked from rmalchow/solr_pw_hash.md
Created January 26, 2022 16:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save dasgoll/2ff4f2c0f98f86077373fbf6937fa6e9 to your computer and use it in GitHub Desktop.
Save dasgoll/2ff4f2c0f98f86077373fbf6937fa6e9 to your computer and use it in GitHub Desktop.
Download ZIP
how to generate password hash and salt for basic auth in solr
Raw
solr_pw_hash.md

solr has a basic authentication module. the description of how to generate the necessary hash + salt string is very hazy. there is this:

https://github.com/ansgarwiechers/solrpasswordhash

project with java code extracted from the solr source .... and then there is this:

#!/bin/bash
PW=$1
SALT=$(pwgen 48 -1)
echo "hash    : $(echo -n "$SALT$PW" | sha256sum -b | xxd -r -p | sha256sum -b | xxd -r -p | base64 -w 1024) $(echo -n "$SALT" | base64 -w1024)"

to run this, you need to have pwgen and vim-common installed, eg (fedora)

dnf install pwgen vim-common -y

pwgen can obviously be replaced by anything that produces random strings. vim-common contains the "xxd" binary to convert hexadecimal output of sha256sum to binary.

you can then call this script:

script.sh "you_passw0rd"

and the out put goes in here:

"authentication": {
    "blockUnknown": true,
    "class": "solr.BasicAuthPlugin",
    "credentials": {
      "solr": "[***OUTPUT OF THE SCRIPT***]"
    }
}

this script could be more elaborate - but i'd rather leave that as an execise to the reader :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment