Hi All,
I am considering securing Solr with basic auth in glassfish using the
container, by adding to web.xml and adding sun-web.xml file to the
distributed WAR as below.
If using SolrJ to index files, how can I provide the credentials for
authentication to the http-client (or can someone point me in the
direction of the right documentation to do that or that will help me
make the appropriate modifications) ?
Also any comment on the below is appreciated.
Add this to web.xml
-----------------------------------------------
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>SomeRealm</realm-name>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin Pages</web-resource-name>
<url-pattern>/admin</url-pattern>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method><http-method>POST</http-
method><http-method>PUT</http-method><http-method>TRACE</http-
method<http-method>HEAD</http-method><http-method>OPTIONS</http-
method><http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>SomeAdminRole</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Update Servlet</web-resource-name>
<url-pattern>/update/*</url-pattern>
<http-method>GET</http-method><http-method>POST</http-
method><http-method>PUT</http-method><http-method>TRACE</http-
method<http-method>HEAD</http-method><http-method>OPTIONS</http-
method><http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>SomeUpdateRole</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Select Servlet</web-resource-name>
<url-pattern>/select/*</url-pattern>
<http-method>GET</http-method><http-method>POST</http-
method><http-method>PUT</http-method><http-method>TRACE</http-
method<http-method>HEAD</http-method><http-method>OPTIONS</http-
method><http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>SomeSearchRole</role-name>
</auth-constraint>
</security-constraint>
-----------------------------------------------
Also add this as sun-web.xml
------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD
Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd
">
<sun-web-app error-url="">
<context-root>/Solr</context-root>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class' java
code.</description>
</property>
</jsp-config>
<security-role-mapping>
<role-name>SomeAdminRole</role-name>
<group-name>SomeAdminGroup</group-name>
</security-role-mapping>
<security-role-mapping>
<role-name>SomeUpdateRole</role-name>
<group-name>SomeUpdateGroup</group-name>
</security-role-mapping>
<security-role-mapping>
<role-name>SomeSearchRole</role-name>
<group-name>SomeSearchGroup</group-name>
</security-role-mapping>
</sun-web-app>
--------------------------------------------------
-Jon
---------------------------------------------------------------------
SECURITY/CONFIDENTIALITY WARNING:
This message and any attachments are intended solely for the individual or entity to which they are addressed. This communication may contain information that is privileged, confidential, or exempt from disclosure under applicable law (e.g., personal health information, research data, financial information). Because this e-mail has been sent without encryption, individuals other than the intended recipient may be able to view the information, forward it to others or tamper with the information without the knowledge or consent of the sender. If you are not the intended recipient, or the employee or person responsible for delivering the message to the intended recipient, any dissemination, distribution or copying of the communication is strictly prohibited. If you received the communication in error, please notify the sender immediately by replying to this message and deleting the message and any accompanying files from your system. If, due to the security risks, you do not wis
h to
receive further communications via e-mail, please reply to this message and inform the sender that you do not wish to receive further e-mail from the sender.
---------------------------------------------------------------------
