[
https://issues.apache.org/jira/browse/SOLR-1490?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Adam Foltzer updated SOLR-1490:
-------------------------------
Attachment: SOLR-1490.patch
I decided to go ahead and implement this. First, the new attributes in the
dataSource tag:
{{<dataSource type="URLDataSource" baseUrl="http://example.com";
user="exampleuser" password="examplepassword" />}}
Right now, it naively calls java.net.Authenticator.setDefault for every
URLDataSource.getData call. This is so that multiple URLDataSources can each
have different sets of credentials. I'm concerned, though, that this could
cause some nasty performance and/or concurrency issues.
A possible solution would be to have a single authenticator object as part of
the Context. It could match credentials up with requests based on matching
baseUrl with java.net.Authenticator.getRequestingURL. This would probably mean
baseUrls would have to be unique for any URLDataSource with credential
attributes. Thoughts?
Hope this helps :)
> URLDataSource should be able to handle HTTP authentication
> ----------------------------------------------------------
>
> Key: SOLR-1490
> URL: https://issues.apache.org/jira/browse/SOLR-1490
> Project: Solr
> Issue Type: Improvement
> Components: contrib - DataImportHandler
> Reporter: Adam Foltzer
> Attachments: SOLR-1490.patch
>
>
> Right now, there seems to be no way to provide HTTP authentication
> (username/password) to the URLDataSource. This makes any password-protected
> data sources inaccessible for indexing. I would try and add support myself,
> but with all things security-related, I'm fearful of shooting myself in the
> foot with systems I don't fully understand. Thanks for your time/feedback!
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
