You are viewing a plain text version of this content. The canonical link for it is here.

Posted to solr-user@lucene.apache.org by Duane Gran <dm...@Virginia.EDU> on 2006/12/07 14:37:04 UTC

securing solr

All,

I don't have a firewall configured in my environment and I'm trying  
to add a layer of security such that requests to solr are only  
accepted from the localhost.  I could live with user authentication,  
but IP-based access control is preferable for our needs.  This veers  
into jetty configuration, but I found the documentation for using the  
IPAccessHandler lacking.

Has anyone gotten this to work?  If so, would you mind sharing your  
configuration?  General tips on securing solr are most welcome.

Duane Gran

Re: securing solr

Posted by Mike Klaas <mi...@gmail.com>.

On 12/7/06, Duane Gran <dm...@virginia.edu> wrote:
> All,
>
> I don't have a firewall configured in my environment and I'm trying
> to add a layer of security such that requests to solr are only
> accepted from the localhost.  I could live with user authentication,
> but IP-based access control is preferable for our needs.  This veers
> into jetty configuration, but I found the documentation for using the
> IPAccessHandler lacking.
>
> Has anyone gotten this to work?  If so, would you mind sharing your
> configuration?  General tips on securing solr are most welcome.

Yep.  In the addListener definition in jetty.xml, add the following:

<Set name="Host">localhost</Set>

-Mike