Vijayant Kumar wrote:
Hi Group,
I need some feedback on solr security.
For Making by solr admin password protected,
I had used the Path Based Authentication form
http://wiki.apache.org/solr/SolrSecurity.
In this way my admin area,search,delete,add to index is protected.But Now
when I make solr authenticated then for every update/delete from the fornt
end is blocked without authentication.
I do not need this authentication from the front end so I simply pass the
username and password to the solr in my fornt end scripts and it is
working fine. I had done it in the below way.
http://username:passw...@localhost:8983/solr/admin/update
I need your suggestion and feed back on the above method.Is it fessiable
method and secure? TO over come from this issue is there any alternate
method?
Hey,
there is at least another solution. You can set a firewall rule that
allow connections to the Solr's port only from trusted IPs.
