Unfortunately, it's not really advisable to allow open access to Solr to the open web.
There are many avenues of DOSing a Solr install otherwise, and depending on how it's configured, some more intrusive vulnerabilities. Michael Della Bitta Applications Developer o: +1 646 532 3062 appinions inc. “The Science of Influence Marketing” 18 East 41st Street New York, NY 10017 t: @appinions <https://twitter.com/Appinions> | g+: plus.google.com/appinions <https://plus.google.com/u/0/b/112002776285509593336/112002776285509593336/posts> w: appinions.com <http://www.appinions.com/> On Mon, Jun 23, 2014 at 8:52 AM, Bjørn Axelsen < bjorn.axel...@fagkommunikation.dk> wrote: > Dear Solr users, > > I am building a Solr 4.8 search engine that will hold documents containing > subscription-only content. We want potential customers to be able to search > the full content. And we also want to show them highlighted context > snippets from the full contents. > > So, I have included the full text as a stored field in order to show the > context snippets. > > For ease of implementation across multiple sites I prefer access to the > Solr query URL to be open (no HTTP basic authentication etc.). > > However, we do not want to expose the full text to the public (paid > content). > > What would be the most simple way to > > 1) provide highlighted context snippets from the full content field, > 2) block access to read the full field contents? > > Regards, > > Bjørn Axelsen > Web Consultant > Fagkommunikation Webbureau som formidler viden > Schillerhuset · Nannasgade 28 · 2200 København N · +45 60660669 · > i...@fagkommunikation.dk · fagkommunikation.dk >
