Securing Solr on Tomcat access using a user account-蒲公英云

Securing Solr on Tomcat access using a user account

小咪咪 2022-09-20 12:55 178阅读 0赞

Open [Tomcat install dir]\tomcat-users.xml for editing.
Add the following lines within the element and save the changes (using your own username and password):
```
<role rolename="solr_admin"/>
<user username="your_username"
      password="your_password"
      roles="solr_admin"
      /> 
```
Open [Tomcat install dir]\webapps\solr\WEB-INF\web.xml for editing.

“solr“ in the path is the name of the instance you want to secure. Typically this is “solr,” but may be different if you are running an advanced setup.

Add the following lines within the element:

<security-constraint>
    <web-resource-collection>
      <web-resource-name>Solr Lockdown</web-resource-name>
      <url-pattern>/</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>solr_admin</role-name>
      <role-name>admin</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Solr</realm-name>
  </login-config>

Save the changes and restart Tomcat. Test your changes by starting a new browser session and navigating to your site, for ex. http://localhost:8080/solr/. You should be prompted for credentials.
Download the following communityserver_override.config file.
Place this file in the root of your Web site directory.

Find the section in this file which is highlighted below and change it to read
http://**your\_username**:**your\_password**@localhost:8080/solr
replacing “your_username” and “your_password” and the host URI with the configured values

1

2

3

4

5

      <
      Override
      xpath
      =
      “/CommunityServer/Search/Solr”  
     

                
      mode
      =
      “change”
     

                
      name
      =
      “host”
     

                
      value
      =
      “<span style=”
      background-color:#ffff00;”>http://localhost:8080/solr</
      span
      >”
     

/>

Save changes.

本人的操作：
1.tomcat的conf/tomcat-users.xml 添加
    <role rolename="solr_admin"/>
    <user username="your_username"
          password="your_password"
          roles="solr_admin"
          /> 
2.在![SouthEast][]
解压solr.war 找到web.xml
添加如下代码在<web-app></web-app> 元素中
<security-constraint>  
<web-resource-collection>  
<web-resource-name>Solr select Lockdown</web-resource-name>  
<url-pattern>/cs/select/\*</url-pattern> //任何用户都可以访问  
</web-resource-collection>  
</security-constraint>  
<security-constraint>  
<web-resource-collection>  
<web-resource-name>Solr Lockdown</web-resource-name>  
<url-pattern>/</url-pattern>  
</web-resource-collection>
<auth-constraint>  
<role-name>solr\_admin</role-name>  
</auth-constraint> //管理员访问
</security-constraint>
<login-config>  
<auth-method>BASIC</auth-method>  
<realm-name>Solr</realm-name>  
</login-config>