lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Sturge (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (SOLR-1861) HTTP Authentication for sharded queries
Date Sun, 29 Apr 2012 15:15:50 GMT

    [ https://issues.apache.org/jira/browse/SOLR-1861?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13264570#comment-13264570
] 

Peter Sturge commented on SOLR-1861:
------------------------------------

Would a Solrj client be able to intrinsically handle a distributed shard request? It could
make separate requests for each shard, but you wouldn't have the nice advantage of distributed
searches, with aggregated facets, ranges etc. that's built-in on the server side. Or perhaps
I've misunderstood your Solrj suggestion?


                
> HTTP Authentication for sharded queries
> ---------------------------------------
>
>                 Key: SOLR-1861
>                 URL: https://issues.apache.org/jira/browse/SOLR-1861
>             Project: Solr
>          Issue Type: Improvement
>          Components: search
>    Affects Versions: 1.4
>         Environment: Solr 1.4
>            Reporter: Peter Sturge
>            Priority: Minor
>              Labels: authentication, distributed, http, shard
>         Attachments: SearchHandler.java, SearchHandler.java
>
>
> This issue came out of a requirement to have HTTP authentication for queries. Currently,
HTTP authentication works for querying single servers, but it's not possible for distributed
searches across multiple shards to receive authenticated http requests.
> This patch adds the option for Solr clients to pass shard-specific http credentials to
SearchHandler, which can then use these credentials when making http requests to shards.
> Here's how the patch works:
> A final constant String called {{shardcredentials}} acts as the name of the SolrParams
parameter key name.
> The format for the value associated with this key is a comma-delimited list of colon-separated
tokens:
> {{   shard0:port0:username0:password0,shard1:port1:username1:password1,shardN:portN:usernameN:passwordN
 }}
> A client adds these parameters to their sharded request. 
> In the absence of {{shardcredentials}} and/or matching credentials, the patch reverts
to the existing behaviour of using a default http client (i.e. no credentials). This ensures
b/w compatibility.
> When SearchHandler receives the request, it passes the 'shardcredentials' parameter to
the HttpCommComponent via the submit() method.
> The HttpCommComponent parses the parameter string, and when it finds matching credentials
for a given shard, it creates an HttpClient object with those credentials, and then sends
the request using this.
> Note: Because the match comparison is a string compare (a.o.t. dns compare), the host/ip
names used in the shardcredentials parameters must match those used in the shards parameter.
> Impl Notes:
> This patch is used and tested on the 1.4 release codebase. There weren't any significant
diffs between the 1.4 release and the latest trunk for SearchHandler, so should be fine on
other trunks, but I've only tested with the 1.4 release code base.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message