lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bilgin Ibryam <bibr...@gmail.com>
Subject Re: Securing Solr 1.4 in a glassfish container AS NEW THREAD
Date Fri, 16 Jul 2010 08:31:28 GMT
Hi Jon,

SolrJ (CommonsHttpSolrServer) internally uses apache http client to connect
to solr. You can check there for some documentation.
I secured solr also with BASIC auth-method and use the following snippet to
access it from solrJ:

      //set username and password
      ((CommonsHttpSolrServer)
server).getHttpClient().getParams().setAuthenticationPreemptive(true);
      Credentials defaultcreds = new UsernamePasswordCredentials("username",
"secret");
      ((CommonsHttpSolrServer)
server).getHttpClient().getState().setCredentials(new AuthScope("localhost",
80, AuthScope.ANY_REALM), defaultcreds);

HTH
Bilgin Ibryam



On Fri, Jul 16, 2010 at 2:35 AM, Sharp, Jonathan <JSharp@coh.org> wrote:

> Hi All,
>
> I am considering securing Solr with basic auth in glassfish using the
> container, by adding to web.xml and adding sun-web.xml file to the
> distributed WAR as below.
>
> If using SolrJ to index files, how can I provide the credentials for
> authentication to the http-client (or can someone point me in the direction
> of the right documentation to do that or that will help me make the
> appropriate modifications) ?
>
> Also any comment on the below is appreciated.
>
> Add this to web.xml
> -----------------------------------------------
>   <login-config>
>       <auth-method>BASIC</auth-method>
>       <realm-name>SomeRealm</realm-name>
>   </login-config>
>   <security-constraint>
>       <web-resource-collection>
>           <web-resource-name>Admin Pages</web-resource-name>
>           <url-pattern>/admin</url-pattern>
>           <url-pattern>/admin/*</url-pattern>
>
> <http-method>GET</http-method><http-method>POST</http-method><http-method>PUT</http-method><http-method>TRACE</http-method<http-method>HEAD</http-method><http-method>OPTIONS</http-method><http-method>DELETE</http-method>
>       </web-resource-collection>
>       <auth-constraint>
>           <role-name>SomeAdminRole</role-name>
>       </auth-constraint>
>   </security-constraint>
>   <security-constraint>
>       <web-resource-collection>
>           <web-resource-name>Update Servlet</web-resource-name>
>           <url-pattern>/update/*</url-pattern>
>
> <http-method>GET</http-method><http-method>POST</http-method><http-method>PUT</http-method><http-method>TRACE</http-method<http-method>HEAD</http-method><http-method>OPTIONS</http-method><http-method>DELETE</http-method>
>       </web-resource-collection>
>       <auth-constraint>
>           <role-name>SomeUpdateRole</role-name>
>       </auth-constraint>
>   </security-constraint>
>   <security-constraint>
>       <web-resource-collection>
>           <web-resource-name>Select Servlet</web-resource-name>
>           <url-pattern>/select/*</url-pattern>
>
> <http-method>GET</http-method><http-method>POST</http-method><http-method>PUT</http-method><http-method>TRACE</http-method<http-method>HEAD</http-method><http-method>OPTIONS</http-method><http-method>DELETE</http-method>
>       </web-resource-collection>
>       <auth-constraint>
>           <role-name>SomeSearchRole</role-name>
>       </auth-constraint>
>   </security-constraint>
> -----------------------------------------------
>
> Also add this as sun-web.xml
>
> ------------------------------------------------
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application
> Server 9.0 Servlet 2.5//EN" "
> http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
> <sun-web-app error-url="">
>  <context-root>/Solr</context-root>
>  <jsp-config>
>   <property name="keepgenerated" value="true">
>     <description>Keep a copy of the generated servlet class' java
> code.</description>
>   </property>
>  </jsp-config>
>  <security-role-mapping>
>     <role-name>SomeAdminRole</role-name>
>     <group-name>SomeAdminGroup</group-name>
>  </security-role-mapping>
>  <security-role-mapping>
>     <role-name>SomeUpdateRole</role-name>
>     <group-name>SomeUpdateGroup</group-name>
>  </security-role-mapping>
>  <security-role-mapping>
>     <role-name>SomeSearchRole</role-name>
>     <group-name>SomeSearchGroup</group-name>
>  </security-role-mapping>
> </sun-web-app>
> --------------------------------------------------
>
> -Jon
>
>
> ---------------------------------------------------------------------
> SECURITY/CONFIDENTIALITY WARNING: This message and any attachments are
> intended solely for the individual or entity to which they are addressed.
> This communication may contain information that is privileged, confidential,
> or exempt from disclosure under applicable law (e.g., personal health
> information, research data, financial information). Because this e-mail has
> been sent without encryption, individuals other than the intended recipient
> may be able to view the information, forward it to others or tamper with the
> information without the knowledge or consent of the sender. If you are not
> the intended recipient, or the employee or person responsible for delivering
> the message to the intended recipient, any dissemination, distribution or
> copying of the communication is strictly prohibited. If you received the
> communication in error, please notify the sender immediately by replying to
> this message and deleting the message and any accompanying files from your
> system. If, due to the security risks, you do not wis
> h to
> receive further communications via e-mail, please reply to this message and
> inform the sender that you do not wish to receive further e-mail from the
> sender.
> ---------------------------------------------------------------------
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message