Solr Authentication about pysolr HOT 8 CLOSED

Have you tried to put your login and password right into the HAYSTACK_SOLR_URL ?

HAYSTACK_SOLR_URL = 'http://<login>:<password>@<host>:<port>/solr'

from pysolr.

I have, I get a ValueError:

ValueError: invalid literal for int() with base 10: '[email protected]'

for:
HAYSTACK_SOLR_URL = 'http://dotcloud:[email protected]/solr/'

from pysolr.

+1

from pysolr.

Seems to work now, can someone confirm and close ticket?

from pysolr.

Is there a way to use Basic Authentication by not sending the username and password in clear in the connection URL?

If one checks the logs after adding something to Solr, the URL with the connection credentials can be seen in clear. I know I could comment/remove the logging line from the source code, but that's not desirable.

from pysolr.

I think the quickest fix in case there is no other way to do it is to have that logged in debug mode rather than in info mode. This could be changed in pysolr.py line 382 from "self.log.info" to "self.log.debug". Maybe an admin could change this line for future releases.

from pysolr.

@PaulIurea There's no way to avoid including it in the URL: HTTP Basic Authentication means cleartext. Changing the log level would make sense if you want to send a pull request. Looking at that chunk of code, I'm thinking that the best answer would be creating a little helper function which would sanitize the URL using urlparse to clear or mask the fields so we could retain the debugging value of the URLs without hoping that everyone sets their log levels appropriately, especially since in this case I think you'd also have to worry about the logging done by requests and urllib3.

from pysolr.

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

from pysolr.