Hi Shay, I'm new to using Solr myself. But what I've done to solve this problem is to run Solr via Tomcat. Then I put Apache in front of Tomcat using mod_jk and made Solr accessible via SSL on port 443. I also put basic authentication in front of Apache. That way you have to enter a username and password to log in.
Then I made port 8080 (the native port for Apache Tomcat) inaccessible using the firewall. So that the only way to access the Solr instance was through Apache and entering your password. With everything going over SSL. It's very secure. From what I read about Solr, there are no security considerations (such as using a password for access) built in. So the only way to achieve some level of security without doing what I just did is to secure it with a firewall. Making your Solr instance accessible only from certain IPs. Please someone correct me if I'm wrong about that. But the way I did it with running Solr with Apache and SSL and mod_jk over tomcat is pretty easy. If you google it you will find plenty of useful guides out there on how to do this. I'd recommend taking that approach. Tim Sent from my iPhone > On Nov 4, 2014, at 7:53 AM, Shay Sofer <sha...@checkpoint.com> wrote: > > Hi, > > I want that my Solr web connection will be protected by username and password. > > When someone try to get to - 1.1.1.1:8983/Solr, he can do it only after login > (with known users). > > Is it possible ? > > Thanks, > Shay.
