Secure Solr admin interface on Tomcat
博客专区 > nibilly 的博客 > 博客详情
Secure Solr admin interface on Tomcat
nibilly 发表于2年前
Secure Solr admin interface on Tomcat
  • 发表于 2年前
  • 阅读 22
  • 收藏 1
  • 点赞 0
  • 评论 0

腾讯云 十分钟定制你的第一个小程序>>>   

摘要: Solr 管理页面使用tomcat用户验证

http://www.sphinxconsultant.com/secure-solr-admin-interface-tomcat/

Sorl admin interface is powerful tool to manage cores, debugging and lot of other stuff. At same time this can be very dangerous tool, because this page is open to public by default. In this post we will see how to make this interface password protected so only authorized users can access it by providing a password.

We are using tomcat 7 and solr 4.3 and tomcat 4.6.1 on Centos server. You must have root rights to performance these changes.

Create Role and user in tomcat

We will need to define an new role and new user in tomcat. This can be done by editing tomcat-users.xml file. In my case this file is found at
/usr/share/apache-tomcat-7.0.50/conf/tomcat-users.xml
so open this file with nano or vi like this. Just before the ending tag add following lines

<!– for Solr –>
<role rolrename=”solr_manager_role”/>
<user username=”solr_admin” password=”SecretPassword” roles=”solr_manager_role”/>

These lines are defining a new role “solr_manager_role” and adding a new user “solr_admin” and assigning the solr_manager_role to it. Save the file after changes.

Now we need to tell Solr application to use this user to authenticate by this role. So open the web.xml file for Sorl. For my case it was

/usr/share/apache-tomcat-7.0.50/webapps/solr/WEB-INF/web.xml

. Your path may vary so be sure that you are editing the correct file.

Open this file with your favorite text editor and just before the closing tag , add following lines

<!– START secure admin –>
<!– Define a Security Constraint on this Application –>
<security-constraint>
<web-resource-collection>
<web-resource-name>Solr Admin</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>solr_manager_role</role-name>
</auth-constraint>
</security-constraint>

<!– Define the Login Configuration for this Application –>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Solr Admin Application</realm-name>
</login-config>

<!– Security roles referenced by this web application –>
<security-role>
<description>Solr Admin Role</description>
<role-name>solr_manager_role</role-name>
</security-role>
<!– END secure admin –>

Save the file after changes. Restart the tomcat and than browse to the solr admin application which is usually found at http://yourdomainorip:8080:/solr/. If every thing goes right you will see a password prompt. Put your user name and password defined in tomcat-users.xml and you will be able to see admin interface. This should make your Solr safe from public.

For optimizing Solr performance and quality of results please contact us

共有 人打赏支持
粉丝 13
博文 166
码字总数 40946
×
nibilly
如果觉得我的文章对您有用,请随意打赏。您的支持将鼓励我继续创作!
* 金额(元)
¥1 ¥5 ¥10 ¥20 其他金额
打赏人
留言
* 支付类型
微信扫码支付
打赏金额:
已支付成功
打赏金额: