I would like the to protect both reads and writes. Reads could have a significant impact. I guess the answer is no, replication has no built in security?
On Wed, 2009-05-27 at 20:11 +0530, Noble Paul നോബിള് नोब्ळ् wrote: > The question is what all do you wish to protect. > There are 'read' as well as 'write' attributes . > > The reads are the ones which will not cause any harm other than > consuming some cpu cycles. > > The writes are the ones which can change the state of the system. > > The slave uses the 'read' API's which i feel may not need to be protected > > The other API's methods can have security . say dnappull, diableSnapPoll etc > > > > On Wed, May 27, 2009 at 7:47 PM, Matthew Gregg <matthew.gr...@gmail.com> > wrote: > > On Wed, 2009-05-27 at 19:06 +0530, Noble Paul നോബിള് नोब्ळ् wrote: > >> On Wed, May 27, 2009 at 6:48 PM, Matthew Gregg <matthew.gr...@gmail.com> > >> wrote: > >> > Does replication in 1.4 support passing credentials/basic auth? If not > >> > what is the best option to protect replication? > >> do you mean protecting the url /replication ? > > Yes I would like to put /replication behind basic auth, which I can do, > > but replication fails. I naively tried the obvious > > http://user:p...@host/replication, but that fails. > > > >> > >> ideally Solr is expected to run in an unprotected environment. if you > >> wish to introduce some security it has to be built by you. > >> > > >> > > > I guess you meant Solr is expected to run in a "protected" environment? > > It's pretty easy to put up a basic auth in front of Solr, but the > > replication infra. in 1.4 doesn't seem to support it. Or does it, and I > > just don't know how? > > > > -- > > Matthew Gregg <matthew.gr...@gmail.com> > > > > > > > -- Matthew Gregg <matthew.gr...@gmail.com>
