You have to remember that Solr is search, not security, its not
considered a great idea to have it publicly accessible. If you want a
public instance any requests to your solr instance should be "proxied"
by some interface between solr and the user.
e.g.
user requests http://foobar.com/searchapi?k
Thanks. I am trying to implement some sort authentication mechanism in Solr.
This means each request will have a key which can authenticate whether the
request is authentic or not. And do you think, I need to still take care the
steps mentioned by you and why??
- BR
"Wagner,Harry" <[EMAI
:[EMAIL PROTECTED]
Sent: Wednesday, October 24, 2007 9:25 AM
To: solr-user@lucene.apache.org
Subject: RE: Solr and security
One effective method is to block access to the port Solr runs on. Force
application access to come thru the HTTP server, and let it map to the
application server (i.e., like
One effective method is to block access to the port Solr runs on. Force
application access to come thru the HTTP server, and let it map to the
application server (i.e., like mod_jk does for for Apache & Tomcat).
Simple, but effective.
Cheers!
harry
-Original Message-
From: Cool Coder [mai
