Restrict Solr Admin Access

We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.

Restrict Solr Admin Access

We aggregate and tag open source projects. We have collections of more than one million projects. Check out the projects section.

Solr is a search engine built on top of Lucene. It supports REST interface and has lot of built-in capabilities. Solr package has Admin UI interface which has support to perform query and even delete the contents of the index. If you are using Solr in production then you may need to restrict access. I saw couple of questions in the group related to this topic. Thought to write an article explaining few tips to restrict the user access to Solr admin UI.

Below are the tips to restrict access to the Solr admin UI but Solr clients will work as usual. This is with respect to Tomcat.

Simple method: This method helps to restrict the access but administrator could access the UI.

Rename or remove index.jsp
Rename admin folder to some other name, say admin-xyz
Access the admin UI using http://localhost/solr/admin-xyz

Restrict access to all users: Copy the below xml and paste it in web.xml available under . This will restrict access to all users including administrator.


   <security-constraint>

		 <web-resource-collection>

		 <web-resource-name>

		  Restrict access to Solr admin

		</web-resource-name>

		 <url-pattern>/admin/*</url-pattern>

		 <http-method>DELETE</http-method>

		 <http-method>GET</http-method>

		 <http-method>POST</http-method>

		 <http-method>PUT</http-method>

		 </web-resource-collection>

		 <auth-constraint />

		 <user-data-constraint>

		 <transport-guarantee>NONE</transport-guarantee>

		 </user-data-constraint>

	</security-constraint>

Restrict access, but allow privileged user: Sometimes we may need to restrict access to normal users but administrator might want to access the admin interface. In this case, Add username and password information to tomcat-users.xml and do the below change to get access to the privileged user.
Add user information to tomcat-users.xml


	<user username="admin" password="new-password" roles="admin, manager"/>

Add below xml to web.xml


   <security-constraint>

		 <web-resource-collection>

		 <web-resource-name>

		  Restrict access to Solr admin

		</web-resource-name>

		 <url-pattern>/admin/*</url-pattern>

		 <http-method>DELETE</http-method>

		 <http-method>GET</http-method>

		 <http-method>POST</http-method>

		 <http-method>PUT</http-method>

		 </web-resource-collection>

		 <auth-constraint >

		 <role-name>manager</role-name>
		 </auth-constraint>
		 <user-data-constraint>

		 <transport-guarantee>NONE</transport-guarantee>

		 </user-data-constraint>

	</security-constraint>

	

	<login-config>

		<auth-method>BASIC</auth-method>

		<realm-name>default</realm-name>

	</login-config>

Conclusion: If you are using Solr in production then better remove the admin folder and don't package it. In case there is any issue, there are sufficient logs to analyze it.

We aggregate and tag open source projects. We have collections of more than one million projects. Check out the projects section.

8 Best Open Source Searchengines built on top of Lucene

Lucene is most powerful and widely used Search engine. Here is the list of 7 search engines which is built on top of Lucene. You could imagine how powerful they are.

Lucene Vs Solr

Lucene is a search library built in Java. Solr is a web application built on top of Lucene. Certainly Solr = Lucene + Added features. Often there would a question, when to choose Solr and when to choose Lucene.

An introduction to LucidWorks Enterprise Search

Lucidworks Enterprise search solution is built on top of Apache Solr. It scales seamlessly w/sub-second response times under extreme query loads for multi-billion document collections. It has user friendly UI, which does all the job of configuration and search.

Whats new in Lucene / Solr 4.0

The release 4.0 is one of the important milestone for Lucene and Solr. It has lot of new features and performance important. Few important ones are highliggted in this article.

Why require Searchengine? Why not use database for full text search in Enterprise application.

Most of the database has support of full text search, basically indexing and saarching. MySQL, Oracle and many more databases has in-built full text search. Then what is the need to go for external search engine like Lucene, Sphinx, Solr etc. Check out the advantage of using Searchengine.

Lucene / Solr as NoSQL database

Lucene and Solr are most popular and widely used search engine. It indexes the content and delivers the search result faster. It has all capabilities of NoSQL database. This article describes about its pros and cons.

Why Elastic Search is gaining more popularity than Solr?

Solr and Elastic Search both are built on top of Lucene library. Both are compratively equal. Any new feature / enhancement which get introduced in Lucene, will also get added to Solr. But still Elastic Search which uses Lucene as it core gained more popularity than Solr in recent years.

Solr vs Elastic Search

Solr and Elastic Search are built on top of Lucene. Both are open source and both have extra features which makes programmer life easy. This article explains the difference and the best situation to choose between them.

LucidWorks Vs SearchBlox - Enterprise Search Solution

Enterprise search software should be capable to search the data available in the entire organization or personnel desktop. The data could be in File system, Web or in Database. It should search contents of Emails, file formats like doc, xls, ppt, pdf and lot more. There are many commercial products available but LucidWorks and SearchBlox are best and free.

Top 15 Open source alternative to Microsoft products

Microsoft is monopoly in the commercial software. Here are 15 best alternatives to most popular and widely used Microsoft products.

LogicalDOC - Open Source DMS

LogicalDOC is both a document management and a collaboration system. The software is loaded with many functions and allows organizing, indexing, retrieving, controlling and distributing important business documents securely and safely for any organization and individual.

How to make money from Open Source

As open source getting popular day by day, many have questions like How to make money from Open Source? Lot more products are getting introduced and don't know who is making money. Certainly open source means, give the product and source for free then how to make money? Yes sell the product for free but get paid for its services.

Git vs Subversion

Git and Subversion are most popular and widely used version control system. What is the best situation to choose them? It is important to know its pros and cons, evaluate your requirement and choose the right one.

How to create SEO friendly url

SEO friendly URL is recommended for any website which wants to be indexed and wants its presence in search results. Searchengine mostly index the static URL. It will avoid the URL which has lot of query strings. Almost all websites generate content dynamically then how could the URL be static. That is the job of the programmer.

Microweber CMS - An open source CMS with Ecommerce support

To the user's satisfaction, there is a whole wide world of different CMS, all suitable for different needs. You can go for the giants like Wordpress or Joomla or pick one of the rising forces - Shopify, Squarespace or others. Microweber CMS fills a hole in the current technological ecosystem, aimed at delivering a light software that is perfect for all end-users lacking the technical knowledge needed for complicated website building.

10 sites to get the large data set or data corpus for free

You may require GBs of data to do performance or load testing. How your app behaves when there is loads of data. You need to know the capacity of your application. This is the frequently asked question from the sales team "The customer is having 100GB of data and he wants to know whether our product will handle this? If so how much RAM / Disk storage required?". This article has pointers to the large data corpus.

SeoToaster: easy, fast and efficient open source CMS for top SEO performance

SeoToaster is a free Open Source CMS & Ecommerce solution to build, manage and market websites optimized for for top search engine performance. As the name implies, Seo Toaster is to date the only content management system (CMS) to truly integrate SEO execution and web marketing automation technology in full compliance with the search engines industry’s best practices.

Web based commenting system. Embed directly in to your site

Comments are very important for a blog or website to get feedback from their users. Comments could be threaded where users could be discuss and post reply to the comment. Here we going discuss about the most popular and widely used free commenting system. You need to embed their javascript code in your every page and it will take care the rest of the task.

Is ZooKeeper mandatory for Cloud

Cloud is nothing but more than one system or application distributed across the network, across the globe. It may have couple of application servers, database server, shared data storage, backup server and lot more. The resources in the distributed environment must have information about each other so that they could co-ordinate and share without any issues. ZooKeeper helps to do that.

4 Free Code Snippets Hosting Sites

Most of us would be familar about the project hosting sites like sourceforge, github etc. These sites hosts the complete project, documentation and has a means to track bugs etc. Sometimes we may need to host the simple pieace of code which we may be want to share it with our friends or to post the link in the forum to discuss more about the code.