Yes, that's the general model. Use a layer in between your clients and Solr
to restrict access to what you wish to let people to do.
Generally speaking, you should expose a SearchHandler that hardcodes the fl
param to prevent retrieval of your full text field, and uses a filter query
param to limi
Thanks, Michael ... so if I plan to do client-side ajax, you would suggest
to call back an ajax proxy rather than query the Solr instance directly?
2014-06-23 14:57 GMT+02:00 Michael Della Bitta <
michael.della.bi...@appinions.com>:
> Unfortunately, it's not really advisable to allow open access
Unfortunately, it's not really advisable to allow open access to Solr to
the open web.
There are many avenues of DOSing a Solr install otherwise, and depending on
how it's configured, some more intrusive vulnerabilities.
Michael Della Bitta
Applications Developer
o: +1 646 532 3062
appinions i
