> You could set a firewall that forbid any connection to your Solr's > server port to everyone, except the computer that host your application > that connect to Solr. > So, only your application will be able to connect to Solr.
I believe firewalling is the only possible solution since SOLR doesn't use cookies/sessionIDs However, 'firewall' can be implemented as an Apache HTTPD Server (or any other front-end configured to authenticate users). (you can even configure CISCO PIX (etc.) Firewall to authenticate users.) HTTPD is easiest, but I haven't tried. But again, if your use case is "many users, many IPs" you need good front-end (web application); if it is not the case - just restrict access to specific IP. -Fuad http://www.tokenizer.ca
