On 6/21/06, Tricia Williams <[EMAIL PROTECTED]> wrote:
It seems to me that the way that documents are indexed and managed via
Solr using http get requests leaves your index open to malicious attacks
as anyone with the right syntax and some information about your index
could commit changes to your index. Is there some mechanism in solr that
prevents this kind of attack?
We (CNET) use Solr as a back-end system.
Web traffic goes to apache web servers, then some requests go to
app-servers to generate dynamic content, and those app servers make
requests to Solr servers for search results.
If you have any ideas about it, adding security might be useful to
others though.
-Yonik
