Security has many flavors. Even if your servers are hosted in an intranet (not exposed to the internet) , you still need authentication and authorization. I would not claim that Solr is fort Knox, but Solr is not more a house without doors
--Noble On Sun, Sep 27, 2015 at 5:12 AM, Doug Turnbull <[email protected]> wrote: > I'm glad some of these changes have made it in. And I admit ignorance to the > work done in this area. However... > > My 2 cents would be that I'm still more comfortable locking down Solr behind > something that feels rather battle-tested like Nginx or another proxy > instead of letting Solr be in charge of security. I feel like this is a > better division of responsibilities, and I'm not sure you'd want to start > advertising Solr as super secure, locked down, and hardened. > > -Doug > > On Saturday, September 26, 2015, Jan Høydahl <[email protected]> wrote: >> >> Hi, >> >> Any comments on this suggestion? >> >> Jan >> >> > Den 25. aug. 2015 kl. 10.25 skrev Jan Høydahl <[email protected]>: >> > >> > Idea: If we do not want to draw new icons, perhaps this could work: >> > >> > Use the “schemaless" icon (with a key) as the new security icon: >> > >> > http://lucene.apache.org/solr/assets/images/Solr_Icons_a_real_data_schema.svg >> > >> > And for the schema-less feature, we can instead use the icon from the >> > removed “External configuration" >> > >> > http://lucene.apache.org/solr/assets/images/Solr_Icons_external_configuration.svg >> > >> > >> > Title: Security built right in >> > Subtitle: Secure Solr with Authentication, Role based Authorization and >> > SSL. Pluggable of course! >> > >> > >> > See how it looks here: >> > http://www.cominvent.com/solr/Apache%20Solr%20-%20Features.html >> > >> > -- >> > Jan Høydahl, search solution architect >> > Cominvent AS - www.cominvent.com >> > >> >> 24. aug. 2015 kl. 21.25 skrev Jan Høydahl <[email protected]>: >> >> >> >> On the Solr web site >> >> http://lucene.staging.apache.org/solr/features.html we list key features. >> >> Now with 5.3 out the door, I think one of those icons should be about >> >> security. >> >> >> >> Suggest to remove one of the existing icons to make room for a new one. >> >> Candidates: >> >> - "External Configuration via XML” does perhaps not impress much >> >> anymore. >> >> - "Extensible Plugin Architecture” is almost a duplicate of "Powerful >> >> Extensions" >> >> >> >> -- >> >> Jan Høydahl, search solution architect >> >> Cominvent AS - www.cominvent.com >> > >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> > > > -- > Doug Turnbull | Search Relevance Consultant | OpenSource Connections, LLC | > 240.476.9983 > Author: Relevant Search > This e-mail and all contents, including attachments, is considered to be > Company Confidential unless explicitly stated otherwise, regardless of > whether attachments are marked as such. > -- ----------------------------------------------------- Noble Paul --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
