Erik Hatcher
Sun, 24 Sep 2006 15:21:30 -0700
On Sep 24, 2006, at 3:09 PM, Bertrand Delacretaz wrote:
On 9/24/06, Erik Hatcher <[EMAIL PROTECTED]> wrote:...perhaps some authentication/ authorization as well as HTTPS should eventually make it into the core, but getting more fine grained is unnecessary...If meaningful URLs are used (admin/stats, admin/config, admin/analysis, etc.), it is relatively easy to use either the servlet container or something like mod_proxy to implement security. Designing a good URL scheme might remove the need to address security concerns at the Solr level.
Agreed. Perhaps the Solr servlet should use the path information for selecting the request handler: /solr/search/standard, /solr/search/ mlt, /solr/search/dismax, etc.
And a /admin, /stats, and/or a /tools paths would be a good separation. /tools/analyzer, /stats/cache...
Erik