You are viewing a plain text version of this content. The canonical link for it is here.

Posted to solr-user@lucene.apache.org by Dinesh Babu <di...@pb.com> on 2016/06/13 12:53:34 UTC

Which handler handles calls to retrieve java properties and Cores

Hi,

My requirement is that Solr admin should not display any sensitive information for hackers to utilise.

I would like to suppress calls to java properties and cores (URLs given below). Means I don't want Solr return results for these URLs.
http://localhost:8080/solr/admin/info/properties?wt=json
http://localhost:8080/solr/admin/cores?wt=json

Does anyone know which handler handles these calls ( I commented out the admin handler, see below, in SolrConfig.xml. But no luck ). Or any other mechanism to stop returning java properties /cores information?

<requestHandler name="/admin/" class="solr.admin.AdminHandlers" />

Thanks,
Dinesh


________________________________