We use CAS as well, and are also not using ZooKeeper/SolrCloud. We may move to SolrCloud after getting our current very-basic setup into production. We'll definitely take a look at the rule-based authorization plugin and see how we can leverage that.
-----Original Message----- From: LeZotte, Tom [mailto:tom.lezo...@vanderbilt.edu] Sent: Monday, August 24, 2015 4:37 PM To: solr-user@lucene.apache.org Subject: Re: User Authentication Bosco, We use CAS for user authentication, not sure if we have Kerberos working anywhere. Also we are not using ZooKeeper, because we are only running one server currently. thanks Tom LeZotte Health I.T. - Senior Product Developer (p) 615-875-8830 On Aug 24, 2015, at 3:12 PM, Don Bosco Durai <bo...@apache.org<mailto:bo...@apache.org>> wrote: Just curious, is Kerberos an option for you? If so, mostly all your 3 use cases will addressed. Bosco On 8/24/15, 12:18 PM, "Steven White" <swhite4...@gmail.com<mailto:swhite4...@gmail.com>> wrote: Hi Noble, Is everything in the link you provided applicable to Solr 5.2.1? Thanks Steve On Mon, Aug 24, 2015 at 2:20 PM, Noble Paul <noble.p...@gmail.com<mailto:noble.p...@gmail.com>> wrote: did you manage to look at the reference guide? https://cwiki.apache.org/confluence/display/solr/Securing+Solr On Mon, Aug 24, 2015 at 9:23 PM, LeZotte, Tom <tom.lezo...@vanderbilt.edu> wrote: Alex I got a super secret release of Solr 5.3.1, wasn¹t suppose to say anything. Yes I¹m running 5.2.1, I will check out the release notes for 5.3. Was looking for three types of user authentication, I guess. 1. the Admin Console 2. User auth for each Core ( and select and update) on a server. 3. HTML interface access (example: ajax-solr< https://github.com/evolvingweb/ajax-solr>) Thanks Tom LeZotte Health I.T. - Senior Product Developer (p) 615-875-8830 On Aug 24, 2015, at 10:05 AM, Alexandre Rafalovitch <arafa...@gmail.com<mailto:arafa...@gmail.com> <mailto:arafa...@gmail.com>> wrote: Thanks for the email from the future. It is good to start to prepare for 5.3.1 now that 5.3 is nearly out. Joking aside (and assuming Solr 5.2.1), what exactly are you trying to achieve? Solr should not actually be exposed to the users directly. It should be hiding in a backend only visible to your middleware. If you are looking for a HTML interface that talks directly to Solr after authentication, that's not the right way to set it up. That said, some security features are being rolled out and you should definitely check the release notes for the 5.3. Regards, Alex. ---- Solr Analyzers, Tokenizers, Filters, URPs and even a newsletter: http://www.solr-start.com/ On 24 August 2015 at 10:01, LeZotte, Tom <tom.lezo...@vanderbilt.edu<mailto:tom.lezo...@vanderbilt.edu>> wrote: Hi Solr Community I have been trying to add user authentication to our Solr 5.3.1 RedHat install. I¹ve found some examples on user authentication on the Jetty side. But they have failed. Does any one have a step by step example on authentication for the admin screen? And a core? Thanks Tom LeZotte Health I.T. - Senior Product Developer (p) 615-875-8830 -- ----------------------------------------------------- Noble Paul
