lucene-solr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Solr Wiki] Update of "SolrSecurity" by HossMan
Date Sat, 03 Jul 2010 01:25:01 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Solr Wiki" for change notification.

The "SolrSecurity" page has been changed by HossMan.
The comment on this change is: add note about preemptive auth.
http://wiki.apache.org/solr/SolrSecurity?action=diff&rev1=13&rev2=14

--------------------------------------------------

  
  == Path Based Authentication ==
  
- Path based authentication configured at the servlet container level can be used to restrict
access to urls such as /admin and /update to only clients specifying the correct credentials.
+ Path based authentication configured at the servlet container level can be used to restrict
access to urls (such as /admin and /update) to only clients specifying the correct credentials.
  
  
  Using path based authentication to limit certain clients to path based request handlers
with "appends" and "invariants" is also a nice way to expose a subset of the documents and
constraining or defaulting any request parameters.  
  
@@ -49, +49 @@

  
  /!\ NOTE: Solr provides access to request handlers through a general purpose /select?qt=request_handler_name
URL.  Prior to [[Solr1.4]] (via SOLR-1233), request handlers named with a leading forward-slash
like /select?qt=/request_handler_name could not be used, but had to be requested using /request_handler_name.
 [[Solr1.4]] removed the forward-slash restriction and allows /select to work with any request
handler name.  Externally blocking access to /select is recommended in environments where
only path-based access to request handlers is warranted.
  
+ When using patch based authentication, you will most likely want to configure your HTTP
client code to use [[http://hc.apache.org/httpclient-3.x/authentication.html#Preemptive_Authentication|Preemptive
Authentication]]
  
  === Jetty example ===
  

Mime
View raw message