lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From AlexeyK <lex.kudi...@gmail.com>
Subject Re: SolrCloud: admin security vs. replication
Date Thu, 31 Jan 2013 06:39:06 GMT
As long as Core Admin is accessible via HTTP and allows to manipulate Solr
cores, it should be secured, regardless of configured path. The difference
between securing Admin vs. securing other handlers is that other handlers
are accessed by a specific application server(s), and therefore may be
easily firewalled etc.
Admin interface can (in theory) be accessed from machine other than
application server, but I cannot really apply security constraints to it as
long as Core Admin is used both internally(replication) and externally
(admin web interface JS).
Therefore, it's necessary to provide reverse proxy with access control
management for secure external access to admin AND internal access.




--
View this message in context: http://lucene.472066.n3.nabble.com/SolrCloud-admin-security-vs-replication-tp4037337p4037628.html
Sent from the Solr - User mailing list archive at Nabble.com.

Mime
View raw message