janhoy commented on a change in pull request #2472:
URL: https://github.com/apache/lucene-solr/pull/2472#discussion_r648218229
##########
File path: solr/core/src/java/org/apache/solr/handler/IndexFetcher.java
##########
@@ -271,7 +274,34 @@ public IndexFetcher(@SuppressWarnings({"rawtypes"})final
NamedList initArgs, fin
String httpBasicAuthPassword = (String)
initArgs.get(HttpClientUtil.PROP_BASIC_AUTH_PASS);
myHttpClient = createHttpClient(solrCore, httpBasicAuthUser,
httpBasicAuthPassword, useExternalCompression);
}
-
+
+ private void setLeaderUrl(String leaderUrl) {
+ if (leaderUrl != null) {
+ ShardHandlerFactory shardHandlerFactory =
solrCore.getCoreContainer().getShardHandlerFactory();
+ if (shardHandlerFactory instanceof HttpShardHandlerFactory) {
+ ZkController zkController =
solrCore.getCoreContainer().getZkController();
+ ClusterState clusterState = zkController == null ? null :
zkController.getClusterState();
+ try {
+ ((HttpShardHandlerFactory)
shardHandlerFactory).getWhitelistHostChecker()
+ .checkWhitelist(clusterState, null,
Collections.singletonList(leaderUrl));
Review comment:
This is by design and on purpose, please see documentation of the
feature here
https://solr.apache.org/guide/8_8/distributed-requests.html#configuring-the-shardhandlerfactory
In leader/follower installs, it is expected that you configure the
`shardsWhitelist` setting in solr.xml with a list of all your shards, to avoid
user queries with shards parameter being able to connect to any host on the
network.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
