lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew McCombe <>
Subject Security/authentication strategies
Date Thu, 29 Apr 2010 07:42:12 GMT

I'm planning on adding some protection to our solr servers and would
like to know what others are doing in this area.

Basically I have a few solr cores running under tomcat6 and all use DH
to populate the solr index.  This is all behind a firewall and only
accessible from certain IP addresses.  Access to Solr Admin is open to
anyone in the company and many use it for checking data is in the
index and simple analysis.  However, they can also trigger a
full-import if they are careless (one of the cores takes 6 hours to
ingest the data).

What would be the recommended way of protecting things like the DIH
functionality? HTTP Authentication via tomcat realms or are there any
other solutions?

Andrew McCombe
iWeb Solutions

View raw message