Cool. For your information, there are multiple existing Solr proxies out there, one of them being mr. Smiley's one in Java. Also in PHP, Node etc. Here is one link, there are others as well https://github.com/evolvingweb/ajax-solr/wiki/Solr-proxies
-- Jan Høydahl, search solution architect Cominvent AS - www.cominvent.com > 31. jan. 2015 kl. 04.36 skrev Roman Chyla <roman.ch...@gmail.com>: > > I gather from your comment that I should update readme, because there could > be people who would be inclined to use bumblebee development server in > production: Beware those who enter through this gate! :-) > > Your point, that so far you haven't seen anybody share their middle layer > can be addressed by pointing to the following projects: > > https://github.com/adsabs/solr-service > https://github.com/adsabs/adsws > > These are also open source, we use them in production, and have oauth, > microservices, rest, and rate limits, we know it is not perfect, but what > is? ;-) pull requests welcome! > > Thanks, > > Roman > On 30 Jan 2015 21:51, "Shawn Heisey" <apa...@elyograg.org> wrote: > >> On 1/30/2015 1:07 PM, Roman Chyla wrote: >>> There exists a new open-source implementation of a search interface for >>> SOLR. It is written in Javascript (using Backbone), currently in version >>> v1.0.19 - but new features are constantly coming. Rather than describing >> it >>> in words, please see it in action for yourself at http://ui.adslabs.org >> - >>> I'd recommend exploring facets, the query form, and visualizations. >>> >>> The code lives at: http://github.com/adsabs/bumblebee >> >> I have no wish to trivialize the work you've done. I haven't looked >> into the code, but a high-level glance at the documentation suggests >> that you've put a lot of work into it. >> >> I do however have a strong caveat for your users. I'm the guy holding >> the big sign that says "the end is near" to anyone who will listen! >> >> By itself, this is an awesome tool for prototyping, but without some >> additional expertise and work, there are severe security implications. >> >> If this gets used for a public Internet facing service, the Solr server >> must be accessible from the end user's machine, which might mean that it >> must be available to the entire Internet. >> >> If the Solr server is not sitting behind some kind of intelligent proxy >> that can detect and deny aattempts to access certain parts of the Solr >> API, then Solr will be wide open to attack. A knowledgeable user that >> has unfiltered access to a Solr server will be able to completely delete >> the index, change any piece of information in the index, or send denial >> of service queries that will make it unable to respond to legitimate >> traffic. >> >> Setting up such a proxy is not a trivial task. I know that some people >> have done it, but so far I have not seen anyone share those >> configurations. Even with such a proxy, it might still be possible to >> easily send denial of service queries. >> >> I cannot find any information in your README or the documentation links >> that mentions any of these concerns. I suspect that many who >> incorporate this client into their websites will be unaware that their >> setup may be insecure, or how to protect it. >> >> Thanks, >> Shawn >> >>
