No, solr security is (unfortunately) open-by-default. So if you only want to require auth for the collection API, then your security.json would have blockUnknown=false, and only tie the users to an "admin" role, which you then link to the well-defined permission "collection-admin-edit". If you have just this one permission, then all other requests will "fall through" and end up un-protected. But once you attempt a collection edit operation you'll need a user and pass.
Jan > 16. feb. 2023 kl. 14:48 skrev Paul Ryder <p...@greenwaymediatech.com>: > > Hi, > > Wouldn’t that require all applications to access Solr with a user/pw? > > ta! Paul > > Get Outlook for iOS<https://aka.ms/o0ukef> > ________________________________ > From: Eric Pugh <ep...@opensourceconnections.com> > Sent: Thursday, February 16, 2023 12:43:11 PM > To: users@solr.apache.org <users@solr.apache.org> > Subject: Re: Solr Admin Panel Security > > Humm.. Have you tried a combination of blockUnknown=false, but also setting > up user/pw for the write side? Also, one thing I’ve done is to set up a > Basic Auth account, and provide the username/passwrod in the Realm message ;-) > > https://github.com/querqy/chorus/blob/main/solr/security.json#L23 > <https://github.com/querqy/chorus/blob/main/solr/security.json#L23> shows an > example, obviously you wouldn’t want to communicate the Admin permissions! > > >> On Feb 16, 2023, at 7:05 AM, Paul Ryder <p...@greenwaymediatech.com> wrote: >> >> Hi All >> >> Is there any way to make access to the Solr admin screen read only? >> >> We have a bunch of users who'd like to monitor errors and do the occasional >> ad-hoc query but I'm worried that they could drop cores or cause other mayhem >> >> I know we can implement the Solr security but that would mean all apps would >> need to be updated to use a user/pw (which they don't currently) >> >> I'm looking for something which protects the admin panel only... >> >> Any ideas? >> >> Thanks, Paul > > _______________________ > Eric Pugh | Founder & CEO | OpenSource Connections, LLC | 434.466.1467 | > http://www.opensourceconnections.com <http://www.opensourceconnections.com/> > | My Free/Busy <http://tinyurl.com/eric-cal> > Co-Author: Apache Solr Enterprise Search Server, 3rd Ed > <https://www.packtpub.com/big-data-and-business-intelligence/apache-solr-enterprise-search-server-third-edition-raw> > This e-mail and all contents, including attachments, is considered to be > Company Confidential unless explicitly stated otherwise, regardless of > whether attachments are marked as such. >
