And another option: implement simple proxy between SolrJ and rest of world...
As I understand in your design SOLR is behind Proxy which needs Cookie. What I can't understand is: your web application uses SSO for authentication, and it uses SolrJ to retrieve results from SOLR and present it to end users as HTML. So why SolrJ is a client to SSO? It's the same as trying to inject cookie into Oracle JDBC which needs to contact SSO using user identity due to wrong design... > The cookie is needed to be able to get through the SSO layer but will > just be ignored by Solr.
