: BASIC Tomcat. Essentially I want users to only be able to /select/* and : admins to be able to do everything else. Right now I am checking for : : /select/* - Users : /admin/* - Admin : /update/* - Admin : : Are there other url strings I should be protecting? : (This was unclear to me in the documentation)
in general it depends on what requestHandlers you have configured in your solrconfig.xml ... if you have an instance of the ExtractinRequestHandler configured with the path "/extract/stuff" then you'll probably want to protect that as well. In particular you may want to block users from accessing /replication (but then if you'll need to give special access to the slave machines so they can query the master) You should also watch out for the "qt" param when using the special "/select" path. I would suggest that you just block user access /select, and use specific paths for accessing handlers directly (ie /search, /dismax, etc...) -Hoss --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
