I place Apache Solr behind Apache httpd with a pure HTTP reverse proxy, since
most of the time it will be used as an API. I use mod_auth_cas to protect the
general /solr URL, requiring a login that refers to our common Jasiq CAS
server, which in turns connects to our Microsoft Active Directory
org
Subject: Re: Admin Login
Scott:
You better not even let them access Solr directly.
http://server:port/solr/admin/collections?ACTION=delete&name=collection.
Try it sometime on a collection that's not important ;)
But as Walter said, that'd be similar to allowing end us
Erik,
After Walters reply I started thinking along the lines you mentioned and
realized the folly of doing that!
Scott
On 8/15/2015 9:57 PM, Erick Erickson wrote:
Scott:
You better not even let them access Solr directly.
http://server:port/solr/admin/collections?ACTION=delete&name=collect
Scott:
You better not even let them access Solr directly.
http://server:port/solr/admin/collections?ACTION=delete&name=collection.
Try it sometime on a collection that's not important ;)
But as Walter said, that'd be similar to allowing end users
unrestricted access to
a SOL database, t
Walter,
actually that explains it perfectly! I will move behind my apache server...
thanks,
Scott
On 8/15/2015 6:15 PM, Walter Underwood wrote:
No one runs a public-facing Solr server. Just like no one runs a public-facing
MySQL server.
wunder
Walter Underwood
wun...@wunderwood.org
http://
No one runs a public-facing Solr server. Just like no one runs a public-facing
MySQL server.
wunder
Walter Underwood
wun...@wunderwood.org
http://observer.wunderwood.org/ (my blog)
On Aug 15, 2015, at 4:15 PM, Scott Derrick wrote:
> I'm somewhat puzzled there is no built in security. I can'
