Re: Securing Solr with BasicAuth

You rock Shawn, thanks! Some follow up questions. Using our existing Apache, or AWS setup, could we prevent those complex/slow denial of service queries? Could we use the same setup to only allow our JavaScript ajax calls direct access or is a light API layer required, and we then lock down Sol

Re: Securing Solr with BasicAuth

On 5/24/2017 2:08 PM, Warden, Jesse wrote: > We don’t want people modifying Solr on our website. We found this plugin: > https://home.apache.org/~ctargett/RefGuidePOC/jekyll-full/basic-authentication-plugin.html#BasicAuthenticationPlugin-EnableBasicAuthentication > > However, if someone goes to se

Re: Securing solr 5.2 basic auth permission rules

aded into the classloader with the new jetty modules setup. > > > Marshall Sanders > Technical Lead – Software Engineer > Autotrader.com > 404-568-7130 > > -Original Message- > From: Sanders, Marshall (AT - Atlanta) [mailto: > marshall.sand...@autotrade

RE: Securing solr 5.2 basic auth permission rules

e.org Subject: RE: Securing solr 5.2 basic auth permission rules So the issue is that when it's stated that solr runs on jetty 9 what it really means is that it runs on 5% of jetty9 and the other 95% has been stripped out. (WH! It's only ~13 MB) You'll need to download the ap

RE: Securing solr 5.2 basic auth permission rules

mber 17, 2015 2:28 PM To: solr-user@lucene.apache.org Subject: RE: Securing solr 5.2 basic auth permission rules I'm actually trying to do something similar with 5.3 We're in the process of upgrading from 4.10 and were previously using jaas to secure dih pages and a few others and had

RE: Securing solr 5.2 basic auth permission rules

ith the new jetty9 modules/classloaders it's proving a challenge. Marshall Sanders Technical Lead – Software Engineer Autotrader.com 404-568-7130 -Original Message- From: Aziz Gaou [mailto:gaoua...@gmail.com] Sent: Thursday, September 17, 2015 5:55 AM To: solr-user@lucene.apache.or

Re: Securing solr 5.2 basic auth permission rules

thank you so much for your reply, Now, i try to protect Apache Solr 5 admin with jetty, when I change 1) sudo nano /opt/solr/server/etc/webdefault.xml Solr /* search-role BASIC Solr Realm 2) i changed too "*jetty.xml *

Re: Securing solr 5.2 basic auth permission rules

thank you so much for your reply 2015-09-16 18:58 GMT+00:00 Anshum Gupta : > Basic authentication (and the API support, that you're trying to use) was > only released with 5.3.0 so it wouldn't work with 5.2. > 5.2 only had the authentication and authorization frameworks, and shipped > with Kerber

Re: Securing solr 5.2 basic auth permission rules

Basic authentication (and the API support, that you're trying to use) was only released with 5.3.0 so it wouldn't work with 5.2. 5.2 only had the authentication and authorization frameworks, and shipped with Kerberos authentication plugin out of the box. There are a few known issues with that thou

Re: Securing solr index

That said, it might be nice with a wiki-page (or something) explaining how it can be done, including maybe concrete cases about exactly how it has been done on different installations around the world using Solr On 14/04/15 14:03, Per Steffensen wrote: Hi I might misunderstand you, but if you

RE: Securing solr index

From: Per Steffensen [mailto:st...@designware.dk] Sent: Tuesday, April 14, 2015 8:04 AM To: solr-user@lucene.apache.org Subject: Re: Securing solr index Hi I might misunderstand you, but if you are talking about securing the actual files/folders of the index, I do not think this is a Solr/Lucene co

Re: Securing solr index

Hi I might misunderstand you, but if you are talking about securing the actual files/folders of the index, I do not think this is a Solr/Lucene concern. Use standard mechanisms of your OS. E.g. on linux/unix use chown, chgrp, chmod, sudo, apparmor etc - e.g. allowing only root to write the fo

Re: Securing solr index

Where you want true Role-Based Access Control (RBAC) on each index (core or collection), one solution is to buy Solr Enterprise from LucidWorks. My personal practice is mostly dictated by financial decisions: - Each core/index has its configuration directory in a Git repository/branch where

Re: Securing Solr 5.0.0

Sure! You have to install mod_proxy for Apache and activate it. And then I put a file with the following content in /etc/apache2/conf.d: ProxyRequests Off ProxyPreserveHost Off AddDefaultCharset off Order deny,allow Allow from all ProxyPass /solrsearch http://localhost:8983/solr/s

Re: Securing Solr 5.0.0

Hi Frederik Arnold, Could you please blog it? the steps to setup the same using apache as reverse proxy and share it with community? On Sun, Mar 22, 2015 at 10:16 PM, Frederik Arnold wrote: > I have and I tried all sorts of things and they didn't work. > But I figured it out now. I setup Apache

Re: Securing Solr 5.0.0

I have and I tried all sorts of things and they didn't work. But I figured it out now. I setup Apache as a reverse proxy and it works. 2015-03-22 17:25 GMT+01:00 Erick Erickson : > Have you looked at https://wiki.apache.org/solr/SolrSecurity? > > Best, > Erick > > On Sun, Mar 22, 2015 at 4:20 AM,

Re: Securing Solr 5.0.0

Have you looked at https://wiki.apache.org/solr/SolrSecurity? Best, Erick On Sun, Mar 22, 2015 at 4:20 AM, Frederik Arnold wrote: > I followed the "Taking Solr to Production" tutorial and I now have an > solr 5.0.0 instance up and running. > > What is the recommended way for securing solr? > Sea

Re: securing Solr Admin

On 10/22/2013 1:04 PM, Stephanie Huynh wrote: How do I unsubscribe? http://lucene.apache.org/solr/discussion.html#solr-user-list-solr-userlucene

RE: securing Solr Admin

How do I unsubscribe? -Original Message- From: Shawn Heisey [mailto:s...@elyograg.org] Sent: Tuesday, October 22, 2013 12:01 PM To: solr-user@lucene.apache.org Subject: Re: securing Solr Admin On 10/22/2013 11:52 AM, Raymond Wiker wrote: > I have numerous search applications that o

Re: securing Solr Admin

On 10/22/2013 11:52 AM, Raymond Wiker wrote: I have numerous search applications that only involve SOLR, jQuery, Apache... and two additional server processes, one of which does query validation, adds filtering and does an XSL transform of the search results, while the other does a number of ap

Re: securing Solr Admin

ok thats very knowledgeable... thanks.. I will try to put a firewall to prevent some access... What I was looking for was some global & simple setting (like in the core setting) that prevents access to certain ip... or an htaccess type settings allowed for the core... But I guess thats not part o

Re: securing Solr Admin

On Oct 22, 2013, at 19:29 , Shawn Heisey wrote: > On 10/22/2013 8:09 AM, Raheel Hasan wrote: >> This sounds like trouble. >> >> I have used Solr in my script (php) such that I curl it for query (using >> "solr/automata/select?q="). If I make it completely off-public, how will my >> own site acces

Re: securing Solr Admin

On 10/22/2013 8:09 AM, Raheel Hasan wrote: This sounds like trouble. I have used Solr in my script (php) such that I curl it for query (using "solr/automata/select?q="). If I make it completely off-public, how will my own site access it? Is there any parameter to prevent access by "REMOTE_ADDR"

Re: securing Solr Admin

On Oct 22, 2013, at 15:32 , Raheel Hasan wrote: > Hi, > > I want to know how to secure the admin section. The site " > http://wiki.apache.org/solr/SolrSecurity"; has a lot of stuff, but I want to > put htaccess based restriction. > > Can anyone tell me where to place the htaccess? > > I am usin

Re: securing Solr Admin

This sounds like trouble. I have used Solr in my script (php) such that I curl it for query (using "solr/automata/select?q="). If I make it completely off-public, how will my own site access it? Is there any parameter to prevent access by "REMOTE_ADDR"? Thanks. On Tue, Oct 22, 2013 at 6:49 PM

Re: securing Solr Admin

On 10/22/2013 7:32 AM, Raheel Hasan wrote: > I want to know how to secure the admin section. The site " > http://wiki.apache.org/solr/SolrSecurity"; has a lot of stuff, but I want to > put htaccess based restriction. > > Can anyone tell me where to place the htaccess? > > I am using solr 4.3 Res

Re: Securing SOLR REST API

Sent from my iPhone On Jul 10, 2013, at 10:22 AM, "Pires, Guilherme" wrote: > Hello Everyone, > > I have been developing several solutions, mainly geospatial, that include > solr. > The availability of the restful services seem to bother a lot of people. > Mainly IT security, of course. >

Re: Securing SOLR REST API

Hi Guilherme, see - Steve On Jul 10, 2013, at 10:22 AM, "Pires, Guilherme" wrote: > Hello Everyone, > > I have been developing several solutions, mainly geospatial, that include > solr. > The availability of the restful services seem to bother a lot

Re: Securing Solr with Tomcat

http://wiki.apache.org/solr/SolrSecurity Make sure you block query params such as qt= https://issues.apache.org/jira/browse/SOLR-3161 is still open. This could be useful, too: http://www.nodex.co.uk/blog/12-03-12/installing-solr-debian-squeeze On Tue, Apr 10, 2012 at 4:25 PM, solruser wrote:

Re: Securing Solr under Tomcat - IP best way?

Accept only what you need (ports incoming/outgoing) for specific trusted clients. Decide for protocols such as ICMP, DNS, NTP, SSH and of course HTTP and drop all other coming in and reject going out. Beyond this you can also configure some protection for bad packets. There are plenty of guide

Re: Securing Solr under Tomcat - IP best way?

Thank you for the reply. I hate to take more of peoples time but can anyone elaborate more on the kind of firewall rules I should be looking at? -- View this message in context: http://lucene.472066.n3.nabble.com/Securing-Solr-under-Tomcat-IP-best-way-tp3899929p3900040.html Sent from the Solr -

Re: Securing Solr under Tomcat - IP best way?

Hi, I'd certainly add firewall rules. In some cases also HTTP Auth. Nutch can authenticate to Solr so that's no problem. Cheers On Tuesday 10 April 2012 17:10:42 Spadez wrote: > Hi, > > I’m in the process of working how to configure and secure my server running > Nginx, and Nutch and Solr unde

Re: Securing solr

Hi, if you run Apache in front of your Tomcat-Instance/Servlet-Container, you can do that by specifying access-rules in your .htaccess-file (either password-based or IP-based). However there also exist Tomcat, JBoss, xyz-specific methods to do that. Try to search for it specific to your servlet-

Re: Securing solr

On 4 March 2012 19:51, Ramo Karahasan wrote: [...] > i'm somehow unable to "secure" my  solr instance that runs on a dedicated > server. I have a webapplication that needs this solr instance, but the > webserver is running on another dedicated server. Is it possible to somehow > secure the solr in

Re: Securing Solr 1.4 in a glassfish container AS NEW THREAD

ml with no change. I'm looking through the httpclient authentication now. -Jon -Original Message- From: Sharp, Jonathan Sent: Friday, July 16, 2010 8:59 AM To: 'solr-user@lucene.apache.org' Subject: RE: Securing Solr 1.4 in a glassfish container AS NEW THREAD Hi Bilgin, Than

Re: Securing Solr 1.4 in a glassfish container AS NEW THREAD

t; Sent: Friday, July 16, 2010 8:59 AM > To: 'solr-user@lucene.apache.org' > Subject: RE: Securing Solr 1.4 in a glassfish container AS NEW THREAD > > Hi Bilgin, > > Thanks for the snippet -- that helps a lot. > > -Jon > > -Original Message- > F

RE: Securing Solr 1.4 in a glassfish container AS NEW THREAD

authentication now. -Jon -Original Message- From: Sharp, Jonathan Sent: Friday, July 16, 2010 8:59 AM To: 'solr-user@lucene.apache.org' Subject: RE: Securing Solr 1.4 in a glassfish container AS NEW THREAD Hi Bilgin, Thanks for the snippet -- that helps a lot. -Jon -Origin

RE: Securing Solr 1.4 in a glassfish container AS NEW THREAD

Hi Bilgin, Thanks for the snippet -- that helps a lot. -Jon -Original Message- From: Bilgin Ibryam [mailto:bibr...@gmail.com] Sent: Friday, July 16, 2010 1:31 AM To: solr-user@lucene.apache.org Subject: Re: Securing Solr 1.4 in a glassfish container AS NEW THREAD Hi Jon, SolrJ

Re: Securing Solr 1.4 in a glassfish container AS NEW THREAD

Hi Jon, SolrJ (CommonsHttpSolrServer) internally uses apache http client to connect to solr. You can check there for some documentation. I secured solr also with BASIC auth-method and use the following snippet to access it from solrJ: //set username and password ((CommonsHttpSolrServe

Re: securing solr

On 12/7/06, Duane Gran <[EMAIL PROTECTED]> wrote: All, I don't have a firewall configured in my environment and I'm trying to add a layer of security such that requests to solr are only accepted from the localhost. I could live with user authentication, but IP-based access control is preferable