Security/authentication strategies
Hi I'm planning on adding some protection to our solr servers and would like to know what others are doing in this area. Basically I have a few solr cores running under tomcat6 and all use DH to populate the solr index. This is all behind a firewall and only accessible from certain IP addresses. Access to Solr Admin is open to anyone in the company and many use it for checking data is in the index and simple analysis. However, they can also trigger a full-import if they are careless (one of the cores takes 6 hours to ingest the data). What would be the recommended way of protecting things like the DIH functionality? HTTP Authentication via tomcat realms or are there any other solutions? Thanks Andrew McCombe iWeb Solutions
Re: Security/authentication strategies
Hi Andrew, Today, authentication is handled by the container (e.g. Tomcat, Jetty etc.). There's a thread I found to be very useful on this topic here: http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores This was for Jetty, but the idea is pretty much the same for Tomcat. HTH Peter On Thu, Apr 29, 2010 at 8:42 AM, Andrew McCombe eupe...@gmail.com wrote: Hi I'm planning on adding some protection to our solr servers and would like to know what others are doing in this area. Basically I have a few solr cores running under tomcat6 and all use DH to populate the solr index. This is all behind a firewall and only accessible from certain IP addresses. Access to Solr Admin is open to anyone in the company and many use it for checking data is in the index and simple analysis. However, they can also trigger a full-import if they are careless (one of the cores takes 6 hours to ingest the data). What would be the recommended way of protecting things like the DIH functionality? HTTP Authentication via tomcat realms or are there any other solutions? Thanks Andrew McCombe iWeb Solutions
Re: Security/authentication strategies
Thanks for this Peter. I have managed to get this working with Tomcat. Andrew On 29 April 2010 12:11, Peter Sturge peter.stu...@googlemail.com wrote: Hi Andrew, Today, authentication is handled by the container (e.g. Tomcat, Jetty etc.). There's a thread I found to be very useful on this topic here: http://www.lucidimagination.com/search/document/d1e338dc452db2e4/how_can_i_protect_the_solr_cores This was for Jetty, but the idea is pretty much the same for Tomcat. HTH Peter On Thu, Apr 29, 2010 at 8:42 AM, Andrew McCombe eupe...@gmail.com wrote: Hi I'm planning on adding some protection to our solr servers and would like to know what others are doing in this area. Basically I have a few solr cores running under tomcat6 and all use DH to populate the solr index. This is all behind a firewall and only accessible from certain IP addresses. Access to Solr Admin is open to anyone in the company and many use it for checking data is in the index and simple analysis. However, they can also trigger a full-import if they are careless (one of the cores takes 6 hours to ingest the data). What would be the recommended way of protecting things like the DIH functionality? HTTP Authentication via tomcat realms or are there any other solutions? Thanks Andrew McCombe iWeb Solutions
