Thanks for the quick response.
1. I'm using Solr with Jetty.
2. I'm using Java to access Solr, so I need a way to pass / add this
authentication as well.
-----Original Message-----
From: Tim Dunphy [mailto:[email protected]]
Sent: Tuesday, November 04, 2014 3:22 PM
To: [email protected]
Subject: Re: Solr authentication
Hi Shay,
I'm new to using Solr myself. But what I've done to solve this problem is to
run Solr via Tomcat. Then I put Apache in front of Tomcat using mod_jk and made
Solr accessible via SSL on port 443. I also put basic authentication in front
of Apache. That way you have to enter a username and password to log in.
Then I made port 8080 (the native port for Apache Tomcat) inaccessible using
the firewall. So that the only way to access the Solr instance was through
Apache and entering your password. With everything going over SSL. It's very
secure.
>From what I read about Solr, there are no security considerations (such as
>using a password for access) built in. So the only way to achieve some level
>of security without doing what I just did is to secure it with a firewall.
>Making your Solr instance accessible only from certain IPs. Please someone
>correct me if I'm wrong about that.
But the way I did it with running Solr with Apache and SSL and mod_jk over
tomcat is pretty easy. If you google it you will find plenty of useful guides
out there on how to do this. I'd recommend taking that approach.
Tim
Sent from my iPhone
> On Nov 4, 2014, at 7:53 AM, Shay Sofer <[email protected]> wrote:
>
> Hi,
>
> I want that my Solr web connection will be protected by username and password.
>
> When someone try to get to - 1.1.1.1:8983/Solr, he can do it only after login
> (with known users).
>
> Is it possible ?
>
> Thanks,
> Shay.
Email secured by Check Point
