Hi Jon,
SolrJ (CommonsHttpSolrServer) internally uses apache http client to connect
to solr. You can check there for some documentation.
I secured solr also with BASIC auth-method and use the following snippet to
access it from solrJ:
//set username and password
((CommonsHttpSolrServer)
server).getHttpClient().getParams().setAuthenticationPreemptive(true);
Credentials defaultcreds = new UsernamePasswordCredentials("username",
"secret");
((CommonsHttpSolrServer)
server).getHttpClient().getState().setCredentials(new AuthScope("localhost",
80, AuthScope.ANY_REALM), defaultcreds);
HTH
Bilgin Ibryam
On Fri, Jul 16, 2010 at 2:35 AM, Sharp, Jonathan <jsh...@coh.org> wrote:
> Hi All,
>
> I am considering securing Solr with basic auth in glassfish using the
> container, by adding to web.xml and adding sun-web.xml file to the
> distributed WAR as below.
>
> If using SolrJ to index files, how can I provide the credentials for
> authentication to the http-client (or can someone point me in the direction
> of the right documentation to do that or that will help me make the
> appropriate modifications) ?
>
> Also any comment on the below is appreciated.
>
> Add this to web.xml
> -----------------------------------------------
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>SomeRealm</realm-name>
> </login-config>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Admin Pages</web-resource-name>
> <url-pattern>/admin</url-pattern>
> <url-pattern>/admin/*</url-pattern>
>
> <http-method>GET</http-method><http-method>POST</http-method><http-method>PUT</http-method><http-method>TRACE</http-method<http-method>HEAD</http-method><http-method>OPTIONS</http-method><http-method>DELETE</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>SomeAdminRole</role-name>
> </auth-constraint>
> </security-constraint>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Update Servlet</web-resource-name>
> <url-pattern>/update/*</url-pattern>
>
> <http-method>GET</http-method><http-method>POST</http-method><http-method>PUT</http-method><http-method>TRACE</http-method<http-method>HEAD</http-method><http-method>OPTIONS</http-method><http-method>DELETE</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>SomeUpdateRole</role-name>
> </auth-constraint>
> </security-constraint>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Select Servlet</web-resource-name>
> <url-pattern>/select/*</url-pattern>
>
> <http-method>GET</http-method><http-method>POST</http-method><http-method>PUT</http-method><http-method>TRACE</http-method<http-method>HEAD</http-method><http-method>OPTIONS</http-method><http-method>DELETE</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>SomeSearchRole</role-name>
> </auth-constraint>
> </security-constraint>
> -----------------------------------------------
>
> Also add this as sun-web.xml
>
> ------------------------------------------------
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application
> Server 9.0 Servlet 2.5//EN" "
> http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd";>
> <sun-web-app error-url="">
> <context-root>/Solr</context-root>
> <jsp-config>
> <property name="keepgenerated" value="true">
> <description>Keep a copy of the generated servlet class' java
> code.</description>
> </property>
> </jsp-config>
> <security-role-mapping>
> <role-name>SomeAdminRole</role-name>
> <group-name>SomeAdminGroup</group-name>
> </security-role-mapping>
> <security-role-mapping>
> <role-name>SomeUpdateRole</role-name>
> <group-name>SomeUpdateGroup</group-name>
> </security-role-mapping>
> <security-role-mapping>
> <role-name>SomeSearchRole</role-name>
> <group-name>SomeSearchGroup</group-name>
> </security-role-mapping>
> </sun-web-app>
> --------------------------------------------------
>
> -Jon
>
>
> ---------------------------------------------------------------------
> SECURITY/CONFIDENTIALITY WARNING: This message and any attachments are
> intended solely for the individual or entity to which they are addressed.
> This communication may contain information that is privileged, confidential,
> or exempt from disclosure under applicable law (e.g., personal health
> information, research data, financial information). Because this e-mail has
> been sent without encryption, individuals other than the intended recipient
> may be able to view the information, forward it to others or tamper with the
> information without the knowledge or consent of the sender. If you are not
> the intended recipient, or the employee or person responsible for delivering
> the message to the intended recipient, any dissemination, distribution or
> copying of the communication is strictly prohibited. If you received the
> communication in error, please notify the sender immediately by replying to
> this message and deleting the message and any accompanying files from your
> system. If, due to the security risks, you do not wis
> h to
> receive further communications via e-mail, please reply to this message and
> inform the sender that you do not wish to receive further e-mail from the
> sender.
> ---------------------------------------------------------------------
>
>
