That said, it might be nice with a wiki-page (or something) explaining
how it can be done, including maybe concrete cases about exactly how it
has been done on different installations around the world using Solr
On 14/04/15 14:03, Per Steffensen wrote:
Hi
I might misunderstand you, but if you are talking about securing the
actual files/folders of the index, I do not think this is a
Solr/Lucene concern. Use standard mechanisms of your OS. E.g. on
linux/unix use chown, chgrp, chmod, sudo, apparmor etc - e.g. allowing
only root to write the folders/files and sudo the user running
Solr/Lucene to operate as root in this area. Even admins should not
(normally) operate as root - that way they cannot write the files
either. No one knows the root-password - except maybe for the
super-super-admin, or you split the root-password in two and two
admins know a part each, so that they have to both agree in order to
operate as root. Be creative yourself.
Regards, Per Steffensen
On 13/04/15 12:13, Suresh Vanasekaran wrote:
Hi,
We are having the solr index maintained in a central server and
multiple users might be able to access the index data.
May I know what are best practice for securing the solr index folder
where ideally only application user should be able to access. Even an
admin user should not be able to copy the data and use it in another
schema.
Thanks
**************** CAUTION - Disclaimer *****************
This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended
solely
for the use of the addressee(s). If you are not the intended
recipient, please
notify the sender by e-mail and delete the original message. Further,
you are not
to copy, disclose, or distribute this e-mail or its contents to any
other person and
any such actions are unlawful. This e-mail may contain viruses.
Infosys has taken
every reasonable precaution to minimize this risk, but is not liable
for any damage
you may sustain as a result of any virus in this e-mail. You should
carry out your
own virus checks before opening the e-mail or attachment. Infosys
reserves the
right to monitor and review the content of all messages sent to or
from this e-mail
address. Messages sent to or from this e-mail address may be stored
on the
Infosys e-mail system.
***INFOSYS******** End of Disclaimer ********INFOSYS***
