Slap them firmly on the wrist if they do? The Solr admin is really designed with trusted users in mind. There are no provisions that I know of for securing some of the functions.
Your developers have access to the Solr server through the browser, right? They can do all of that via URL, see: http://wiki.apache.org/solr/CoreAdmin, they don't need to use the admin server at all. So unless you're willing to put a lot of effort into it, I don't think you really can lock it down. If you really don't trust them to not do bad things, set up a dev environment and lock them out of your production servers totally? Best Erick On Mon, Nov 12, 2012 at 12:41 PM, Michael Long <ml...@bizjournals.com>wrote: > I really like the new admin in solr 4.0, but specifically I don't want > developers to be able to unload, rename, swap, reload, optimize, or add > core. > > Any ideas on how I could still give access to the rest of the admin > without giving access to these? It is very helpful for them to have access > to the Query, Analysis, etc. >
