mark
--
View this message in context:
http://lucene.472066.n3.nabble.com/Basic-auth-on-SolrCloud-admin-calls-tp4052266p4155521.html
Sent from the Solr - User mailing list archive at Nabble.com.
> allowing all the solr servers in the cluster+given control-machines?
>> Assuming that search request to solr run though a proxy..
>>
>>
>>
>>
>>
>> --
>> View this message in context: http://lucene.472066.n3.**
>> nabble.com/Basic-auth-on-**SolrC
e ports in the firewall level, and
allowing all the solr servers in the cluster+given control-machines?
Assuming that search request to solr run though a proxy..
--
View this message in context:
http://lucene.472066.n3.nabble.com/Basic-auth-on-SolrCloud-admin-calls-tp4052266p4055868.html
Sen
Did anyone try blocking access to the ports in the firewall level, and
allowing all the solr servers in the cluster+given control-machines?
Assuming that search request to solr run though a proxy..
--
View this message in context:
http://lucene.472066.n3.nabble.com/Basic-auth-on-SolrCloud
This JIRA covers a lot of what you're asking:
https://issues.apache.org/jira/browse/SOLR-4470
I am also trying to get this sort of solution in place, but it seems to
be dying off a bit. Hopefully we can get some interest on this again,
this question comes up every few weeks, it seems.
I can
It's fairly easy to lock down Solr behind basic auth using just the
servlet container it's running in, but the problem becomes letting
services that *should* be able to access Solr in. I've rolled with
basic auth in some setups, but certain deployments such as Solr Cloud
or sharded setups don't pla
On Apr 11, 2013, at 17:12 , adfel70 wrote:
> Hi
> I need to implement security in solr as follows:
> 1. prevent unauthorized users from accessing to solr admin pages.
> 2. prevent unauthorized users from performing solr operations - both /admin
> and /update.
>
>
> Is the conclusion of this thre
this message in context:
http://lucene.472066.n3.nabble.com/Basic-auth-on-SolrCloud-admin-calls-tp4052266p4055330.html
Sent from the Solr - User mailing list archive at Nabble.com.
Here we go:
https://issues.apache.org/jira/browse/SOLR-4470
Tim
-Original Message-
From: Vaillancourt, Tim [mailto:tvaillanco...@ea.com]
Sent: Friday, March 29, 2013 3:25 PM
To: solr-user@lucene.apache.org
Subject: RE: Basic auth on SolrCloud /admin/* calls
Agreed, we don't
Message-
From: Mark Miller [mailto:markrmil...@gmail.com]
Sent: Friday, March 29, 2013 1:04 PM
To: solr-user@lucene.apache.org
Subject: Re: Basic auth on SolrCloud /admin/* calls
This has always been the case with Solr. Solr's security model is that clients
should not have access to it - only truste
I was able to get a Collection online using
> Cores API only using curl calls w/basic auth. Only the Collections API is
> affected due to it calls itself which do not have auth.
>
> Cheers,
>
> Tim
>
> -Original Message-
> From: Isaac Hebsh [mailto:isaac.he...
Sent: Friday, March 29, 2013 12:37 AM
To: solr-user@lucene.apache.org
Subject: Re: Basic auth on SolrCloud /admin/* calls
Hi Tim,
Are you running Solr 4.2? (In 4.0 and 4.1, the Collections API didn't return
any failure message. see SOLR-4043 issue).
As far as I know, you can't tell Solr
Hi Tim,
Are you running Solr 4.2? (In 4.0 and 4.1, the Collections API didn't
return any failure message. see SOLR-4043 issue).
As far as I know, you can't tell Solr to use authentication credentials
when communicating other nodes. It's a bigger issue.. for example, if you
want to protect the "/up
Hey guys,
I've recently setup basic auth under Jetty 8 for all my Solr 4.x '/admin/*'
calls, in order to protect my Collections and Cores API.
Although the security constraint is working as expected ('/admin/*' calls
require Basic Auth or return 401), when I use the Collections API to create a
14 matches
Mail list logo
