lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Terry Steichen <te...@net-frame.com>
Subject Re: Basic Auth Permission
Date Sat, 08 Dec 2018 16:14:36 GMT
What Noble Paul says is true: Solr can't - directly - restrict access to
static files.

However, if you set your file repository's permissions to a minimal
level (so, for example, users can't do a directory search), then they
must know the precise name and location of the file they're trying to
retrieve.  And, depending on your system implementation, that
information may be only available via a Solr search result (the access
to which can be restricted).

Terry Steichen

On 12/8/18 12:06 AM, Noble Paul wrote:
> You can't restrict access to static files.
>
> You can only restrict access to Solr content.
>
> However you can use the "blockUnknown" property in your security.json
> to restrict access to all files
>
> https://lucene.apache.org/solr/guide/7_5/basic-authentication-plugin.html
> --Noble
> On Sat, Jun 9, 2018 at 2:43 AM Antony A <antonyaugustus@gmail.com> wrote:
>> Hello,
>>
>> I am trying to get the path/params restricted to users of individual
>> collection through Solr UI.
>>
>> Here is the permission that I have for an user.
>>
>> {"collection": "collection_name", "path": "/admin/file", "role": ["
>> collection_user"]}
>>
>> I am still not able to restrict another user from accessing other
>> collection files like solrconfig, solr-data-config etc.
>>
>> If it possible to define permission at collection-level to this path?
>>
>> Thanks,
>> Antony
>
>

Mime
View raw message