rmuir commented on code in PR #11852:
URL: https://github.com/apache/lucene/pull/11852#discussion_r995989985
##########
lucene/luke/src/java/org/apache/lucene/luke/app/web/LukeWebMain.java:
##########
@@ -17,31 +17,78 @@
package org.apache.lucene.luke.app.web;
+import java.net.InetSocketAddress;
import java.util.concurrent.CountDownLatch;
+import java.util.HashMap;
+import java.util.Map;
import org.apache.lucene.luke.app.IndexHandler;
import org.apache.lucene.luke.util.LoggerFactory;
/** Entry class for web Luke */
-public class LukeWebMain {
+public final class LukeWebMain {
+
+ private LukeWebMain() {
+ }
static {
LoggerFactory.initGuiLogging();
}
public static void main(String[] args) throws Exception {
- String index = null;
- if (args.length == 2 && args[0].equals("--index")) {
- index = args[1];
- } else {
- System.err.println("usage: LukeWebMain --index <path-to-index>");
- Runtime.getRuntime().exit(1);
+ Map<String, Object> parsed = null;
+ try {
+ parsed = parseArgs(args);
+ } catch (Exception e) {
+ usage(e.getMessage());
}
-
IndexHandler indexHandler = IndexHandler.getInstance();
- indexHandler.open(index, "org.apache.lucene.store.FSDirectory", true,
true, false);
+ indexHandler.open(getIndex(parsed), "org.apache.lucene.store.FSDirectory",
true, true, false);
CountDownLatch tombstone = new CountDownLatch(1);
- HttpService httpService = new HttpService(indexHandler, tombstone);
+ HttpService httpService = new HttpService(getSockAddr(parsed),
indexHandler, tombstone);
httpService.start();
tombstone.await();
}
+
+ private static String getIndex(Map<String, Object> args) {
+ String index = (String) args.get("index");
+ if (index == null) {
+ usage("index arg is required");
+ }
+ return index;
+ }
+
+ private static InetSocketAddress getSockAddr(Map<String, Object> args) {
+ String host = (String) args.get("host");
+ int port = (Integer) args.getOrDefault("port", 8080);
+ if (host == null) {
+ return new InetSocketAddress(port);
Review Comment:
Maybe just allow this to run on localhost only? Always?
Otherwise I am concerned about security implications. PPl will be reporting
vulnerabilities that there is no TLS, no authentication, that you can do bad
things, etc.
If we only let it run on localhost (or unix socket), then if someone wants
to expose it to the network, they have to do that themselves (e.g. put nginx or
haproxy in front of it, where the TLS, auth, etc can sit).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
