Peter Sturge updated SOLR-1861:

    Attachment: SearchHandler.java

A small update to this patch to support distributed searches with multiple 

> HTTP Authentication for sharded queries
> ---------------------------------------
>                 Key: SOLR-1861
>                 URL: https://issues.apache.org/jira/browse/SOLR-1861
>             Project: Solr
>          Issue Type: Improvement
>          Components: search
>    Affects Versions: 1.4
>         Environment: Solr 1.4
>            Reporter: Peter Sturge
>            Priority: Minor
>         Attachments: SearchHandler.java, SearchHandler.java
> This issue came out of a requirement to have HTTP authentication for queries. 
> Currently, HTTP authentication works for querying single servers, but it's 
> not possible for distributed searches across multiple shards to receive 
> authenticated http requests.
> This patch adds the option for Solr clients to pass shard-specific http 
> credentials to SearchHandler, which can then use these credentials when 
> making http requests to shards.
> Here's how the patch works:
> A final constant String called {{shardcredentials}} acts as the name of the 
> SolrParams parameter key name.
> The format for the value associated with this key is a comma-delimited list 
> of colon-separated tokens:
> {{   
> shard0:port0:username0:password0,shard1:port1:username1:password1,shardN:portN:usernameN:passwordN
>   }}
> A client adds these parameters to their sharded request. 
> In the absence of {{shardcredentials}} and/or matching credentials, the patch 
> reverts to the existing behaviour of using a default http client (i.e. no 
> credentials). This ensures b/w compatibility.
> When SearchHandler receives the request, it passes the 'shardcredentials' 
> parameter to the HttpCommComponent via the submit() method.
> The HttpCommComponent parses the parameter string, and when it finds matching 
> credentials for a given shard, it creates an HttpClient object with those 
> credentials, and then sends the request using this.
> Note: Because the match comparison is a string compare (a.o.t. dns compare), 
> the host/ip names used in the shardcredentials parameters must match those 
> used in the shards parameter.
> Impl Notes:
> This patch is used and tested on the 1.4 release codebase. There weren't any 
> significant diffs between the 1.4 release and the latest trunk for 
> SearchHandler, so should be fine on other trunks, but I've only tested with 
> the 1.4 release code base.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

Reply via email to