文档章节

Secure Solr admin interface on Tomcat

n
 nibilly
发布于 2015/12/15 15:30
字数 400
阅读 28
收藏 1

http://www.sphinxconsultant.com/secure-solr-admin-interface-tomcat/

Sorl admin interface is powerful tool to manage cores, debugging and lot of other stuff. At same time this can be very dangerous tool, because this page is open to public by default. In this post we will see how to make this interface password protected so only authorized users can access it by providing a password.

We are using tomcat 7 and solr 4.3 and tomcat 4.6.1 on Centos server. You must have root rights to performance these changes.

Create Role and user in tomcat

We will need to define an new role and new user in tomcat. This can be done by editing tomcat-users.xml file. In my case this file is found at
/usr/share/apache-tomcat-7.0.50/conf/tomcat-users.xml
so open this file with nano or vi like this. Just before the ending tag add following lines

<!– for Solr –>
<role rolrename=”solr_manager_role”/>
<user username=”solr_admin” password=”SecretPassword” roles=”solr_manager_role”/>

These lines are defining a new role “solr_manager_role” and adding a new user “solr_admin” and assigning the solr_manager_role to it. Save the file after changes.

Now we need to tell Solr application to use this user to authenticate by this role. So open the web.xml file for Sorl. For my case it was

/usr/share/apache-tomcat-7.0.50/webapps/solr/WEB-INF/web.xml

. Your path may vary so be sure that you are editing the correct file.

Open this file with your favorite text editor and just before the closing tag , add following lines

<!– START secure admin –>
<!– Define a Security Constraint on this Application –>
<security-constraint>
<web-resource-collection>
<web-resource-name>Solr Admin</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>solr_manager_role</role-name>
</auth-constraint>
</security-constraint>

<!– Define the Login Configuration for this Application –>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Solr Admin Application</realm-name>
</login-config>

<!– Security roles referenced by this web application –>
<security-role>
<description>Solr Admin Role</description>
<role-name>solr_manager_role</role-name>
</security-role>
<!– END secure admin –>

Save the file after changes. Restart the tomcat and than browse to the solr admin application which is usually found at http://yourdomainorip:8080:/solr/. If every thing goes right you will see a password prompt. Put your user name and password defined in tomcat-users.xml and you will be able to see admin interface. This should make your Solr safe from public.

For optimizing Solr performance and quality of results please contact us

本文转载自:http://www.sphinxconsultant.com/secure-solr-admin-interface-tomcat/

共有 人打赏支持
n
粉丝 14
博文 180
码字总数 41779
作品 0
厦门
私信 提问
使用Solr构建企业级的全文检索(二)---------管理界面简介

昨天这个系列开篇了,今天就趁热打铁吧。有一点要注意的是,一开始我是在64位的Windows 7上的Tomcat中部署Solr的,在使用过程中发现非常的不稳定,经常添加两个文档或者是查询一两次后,tom...

嗯哼9925
2017/11/08
0
0
solr重启导致数据丢失,与solr.war的修改有关系吗?

我们的solr路径是这样的 tomcat\webapp\solr\solr 今天修补无需帐号就可登录solr admin页面的漏洞时我们同时删掉了tomcat\webapp\solr\solr下的admin文件夹与tomcat\webapp\solr\下solr.war压...

耳朵的水
2013/11/05
729
2
SOLR4.6 安装、Tomcat 发布

前段工作需要,研究了下solr 用的是solr4.6版本,今天把基本的solr发布到Tomcat的步骤总结一下 1. 需要安装JDK: 我安装的是1.7.0 2.安装ant: 版本:Apache Ant(TM) version 1.8.2 ( apache...

David_Tio
2013/12/26
0
0
【solr5.5环境搭建】在tomcat8里面部署solr5.5

1.准备基础环境 基于jdk1.7+tomcat8 +windows7,这里这些东西的配置就不说了 2.去官网下载solr5.5zip的包 http://mirror.bit.edu.cn/apache/lucene/solr/5.5.0/,选择zip的包,然后下载到本地...

ALAI丶
2016/02/25
10.1K
18
solr5.5.0+tomcate8部署 一

一、下载 1.下载tomcat 8,另外可以根据系统下载 32 位或者64位版本 https://tomcat.apache.org/download-80.cgi 2.下载solr5.5.0, http://apache.fayea.com/lucene/solr/ 二、解压 1.解压 ...

ruanjun
2016/05/15
63
0

没有更多内容

加载失败,请刷新页面

加载更多

Netty 备录 (一)

入职新公司不久,修修补补1个月的bug,来了点实战性的技术---基于netty即时通信 还好之前对socket有所使用及了解,入手netty应该不是很难吧,好吧,的确有点难,刚看这玩意的时候,可能都不知道哪里...

_大侠__
昨天
4
0
Django简单介绍和用户访问流程

Python下有许多款不同的 Web 框架。Django是重量级选手中最有代表性的一位。许多成功的网站和APP都基于Django。 Django是一个开放源代码的Web应用框架,由Python写成。 Django遵守BSD版权,初...

枫叶云
昨天
7
0
EOS错误代码及中文释义

本文集汇总了EOS区块链常见错误代码及其含义,完整错误代码集请查看 EOS错误代码集 - 汇智网 EOS错误代码列表如下, <table class="table table-striped"> <thead> <tr><th>错误代码</th><t......

汇智网教程
昨天
2
0
Spring Cloud Stream消费失败后的处理策略(四):重新入队(RabbitMQ)

应用场景 之前我们已经通过《Spring Cloud Stream消费失败后的处理策略(一):自动重试》一文介绍了Spring Cloud Stream默认的消息重试功能。本文将介绍RabbitMQ的binder提供的另外一种重试...

程序猿DD
昨天
4
0
kiss原则

KISS 原则是用户体验的高层境界,简单地理解这句话,就是要把一个产品做得连白痴都会用,因而也被称为“懒人原则”。换句话说来,”简单就是美“。KISS 原则源于 David Mamet(大卫马梅)的电...

NB-One
昨天
14
0

没有更多内容

加载失败,请刷新页面

加载更多

返回顶部
顶部