Solr does not do security itself. Servlet containers usually
support
various security options: account/password through HTTP
authentication
(very weak security) and certificates (very strong security)
are what I
would look at first.
Lance
-----Original Message-----
From: Wagner,Harry [mailto:wagnerh oclc.org]
Sent: Wednesday, October 24, 2007 9:25 AM
To: solr-userlucene.apache.org
Subject: RE: Solr and security
One effective method is to block access to the port Solr
runs on. Force
application access to come thru the HTTP server, and let it
map to the
application server (i.e., like mod_jk does for for Apache
& Tomcat).
Simple, but effective.
Cheers!
harry
-----Original Message-----
From: Cool Coder [mailto:techcool.krishnayahoo.com]
Sent: Wednesday, October 24, 2007 12:17 PM
To: solr-userlucene.apache.org
Subject: Solr and security
Hi Group,
As far as I know, to use solr, we need to
deploy it as a
server and communicate to solr using http protocol. How
about its
security? i.e. how can we ensure that it only accepts
request from
predefined set of users only. Is there any way we can
specify this in
solr or solr depends only on web server security model. I am
not sure
whether my interpretation is right?
Your suggestion/input?
- BR
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection
around
http://mail.yahoo.com
|