What do you mean "encrypt"? The stored value? the indexed value? Over the wire?
Here's the problem with indexing indexed terms... you can't search it reliably. Any decent encryption algorithm isn't going to let you, for instance, search wildcards since the encrypted value for "awesome" better produce different leading bytes than "awe" so trying to search on "aw*" will fail. If it doesn't fail, you might as well not encrypt anything. I have seem custom update processors that do an encryption of the _stored_ data only and index the raw terms. That at least removes some of the context, but the raw terms are still in the index. So in addition to Gora's comment, because you absolutely _have_ to keep your server behind firewalls etc, you can use a secure communication channel and use an encrypting filesystem to keep the media secure. But if you're just talking about storing the values in the index and you _don't_ need to search on them, just encrypt them before you send them to the index and store (but do not index) the data. Best Erick On Mon, Jun 17, 2013 at 2:10 PM, Gora Mohanty <g...@mimirtech.com> wrote: > On 17 June 2013 21:41, Mysurf Mail <stammail...@gmail.com> wrote: >> Hi, >> I want to encrypt (rsa maybe?) my user name/pass in solr . >> Cant leave a simple plain text on the server. >> What is the recomended way? > > I don't think that there is a way to encrypt this information > at the moment. > > The recommended way would be to never expose your > Solr server to the external world. The way to do that > depends on your OS, and possibly the container in > which you are running Solr. > > Regards, > Gora
