Solr does not provide security (I believe Lucid EnterpriseWorks has something there).
You should keep Solr itself secure behind a firewall, and pass all requests through some intermediary that only allows sensible stuff through to Solr itself. That way, the DataImportHandler is accessible inside your firewall, and your search functionality is available outside. Upayavira On Mon, 09 May 2011 14:57 -0400, "Brian Lamb" <brian.l...@journalexperts.com> wrote: > Hi all, > > Is it possible to set up solr so that it will only execute dataimport > commands if they come from localhost? > > Right now, my application and my solr installation are on different > servers > so any requests are formatted http://domain:8983 instead of > http://localhost:8983. I am concerned that when I launch my application, > there will be the potential for abuse. Is the best solution to have > everything reside on the same server? > > What are some other solutions? > > Thanks, > > Brian Lamb > --- Enterprise Search Consultant at Sourcesense UK, Making Sense of Open Source