[
https://issues.apache.org/jira/browse/OFBIZ-5042?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14732436#comment-14732436
]
Shi Jinghai commented on OFBIZ-5042:
------------------------------------
I added permission check on /update, /update/json, /update/csv and
/update/extract requests in trunk rev. 1701495. These requests are defined in
an index's solrconfig.xml.
Test case steps:
1. To make test the permission check on solr update requests easier, you can
change session time out to 1 minute in
specialpurpose/solr/webapp/solr/WEB-INF/web.xml.
2. Login solr, in "Core Selector" choose "solrdefault" -> "Documents", click
"Submit Document", the response of this request will be "success".
3. Wait session timeout and click "Submit Document", the response will be
"error", "Unauthorized" (http response code 401). If the user has logged in and
doesn't have permission, the response will be error 403.
> Apache Solr Implementation
> --------------------------
>
> Key: OFBIZ-5042
> URL: https://issues.apache.org/jira/browse/OFBIZ-5042
> Project: OFBiz
> Issue Type: Improvement
> Components: specialpurpose/solr
> Reporter: Paul Piper
> Assignee: Jacques Le Roux
> Labels: component, feature, solr
> Attachments: 2013-07-30 11 52 52.png, OFBIZ-5042 - solr in
> specialpurpose.patch, OFBIZ-5042 - solr in specialpurpose.patch, OFBIZ-5042 -
> solr in specialpurpose.patch, OFBIZ-5042-OFBizComponent.patch,
> OFBIZ-5042-OriginalDescription.txt, ofbiz-solr-logo-screenshot.jpg,
> ofbiz-solr-logo.png, solr in specialpurpose splitted.z01, solr in
> specialpurpose splitted.z02, solr in specialpurpose splitted.zip, solr in
> specialpurpose.zip, solr-v1.00-r4284.zip
>
>
> Apache Solr, a modern search engine, seems to be one of the most commonly
> requested feature within the OFBiz community.
> The original text of the description can be found under the attachments.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
