On 10/3/2013 12:35 PM, Shawn Heisey wrote:
You'll run into strong resistance for putting any security features into
Solr itself. We'd rather work on search, not spend all our time making
and fixing security mechanisms, plus taking heat anytime they don't work
as advertised and somebody loses millions of ${CURRENCY} because of it.
I know this is not what you want to hear. It is however the current
reality.
Followup:
You could always put a proxy front end (with apache's mod_rewrite or
something similar) that would translate a handful of custom URLs
directly to informational request handlers in Solr that would give the
requester a subset of the information available. It would need to
ignore any parameters that the user supplied, unless the proxied Solr
handler can't actually change anything.
An example:
http://info.example.com/solr/system
=> http://server:port/solr/corename/admin/system?wt=json&indent=true
Some of the main info handlers have URL paths in Solr 4.5 that do not
require including a corename.
Thanks,
Shawn
