On 5/14/2018 3:13 PM, Terry Steichen wrote: > I posted this note because I've not seen list comments pertaining to the > job of actually locating and retrieving hitlist documents.
How documents are retrieved will be highly dependent on your setup. Here's how things usually go: If the original data came from a database, then the system where people do their searches should know how to talk to the database, and use information in the search results to look up the full original document in the database. If the source data is on a file server, then the system where people do their searches will need to have the file server storage mounted. It will then use information in the search results to access the full original document. Ditto for any other kind of canonical data store with Solr as the search engine. The system where searches are done will be implemented by you. It will be up to that system to handle any kind of security filtering for both Solr searches and document access. Solr should not be exposed directly to end users. Most of the time, what's in Solr is not particularly sensitive ... but when Solr is exposed to people who cannot be trusted, those end users may be able to change or delete any data in Solr. They might also be able to send denial of service queries directly to Solr. Thanks, Shawn
