Securing Solr on Tomcat access using a user account

最新推荐文章于 2021-03-27 02:43:55 发布
最新推荐文章于 2021-03-27 02:43:55 发布
阅读量1.4k 收藏
点赞数
分类专栏: solr
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/baicp3/article/details/18506055
版权

  • Open [Tomcat install dir]\tomcat-users.xml for editing.

  • Add the following lines within the <tomcat-user> element and save the changes (using your own username and password):

    <role rolename="solr_admin"/>

<user username="your_username"
      password="your_password"
      roles="solr_admin"
      /> 

    Open [Tomcat install dir]\webapps\solr\WEB-INF\web.xml for editing.

    "solr" in the path is the name of the instance you want to secure. Typically this is "solr," but may be different if you are running an advanced setup. 

  • Add the following lines within the <web-app> element:

      <security-constraint>
    <web-resource-collection>
      <web-resource-name>Solr Lockdown</web-resource-name>
      <url-pattern>/</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>solr_admin</role-name>
      <role-name>admin</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Solr</realm-name>
  </login-config>

  • Save the changes and restart Tomcat. Test your changes by starting a new browser session and navigating to your site, for ex. http://localhost:8080/solr/. You should be prompted for credentials.

  • Download the following communityserver_override.config file.

  • Place this file in the root of your Web site directory.

  • Find the section in this file which is highlighted below and change it to read
    http://your_username:your_password@localhost:8080/solr
    replacing "your_username" and "your_password" and the host URI with the configured values

    ?
    1
    2
    3
    4
    5
    < Override xpath = "/CommunityServer/Search/Solr"  
               mode = "change"
               name = "host"
               value = "<span style=" background-color:#ffff00;">http://localhost:8080/solr</ span >"
               />

  • Save changes.



    本人的操作:

    1.tomcat的conf/tomcat-users.xml  添加

    <role rolename="solr_admin"/>

<user username="your_username"
      password="your_password"
      roles="solr_admin"
      /> 

    2.在


    解压solr.war 找到web.xml

    添加如下代码在<web-app></web-app> 元素中

     <security-constraint>
        <web-resource-collection>
          <web-resource-name>Solr select Lockdown</web-resource-name>
          <url-pattern>/cs/select/*</url-pattern>                           //任何用户都可以访问
        </web-resource-collection>
      </security-constraint>


      <security-constraint>
        <web-resource-collection>
          <web-resource-name>Solr Lockdown</web-resource-name>
          <url-pattern>/</url-pattern> 
        </web-resource-collection>


        <auth-constraint>
          <role-name>solr_admin</role-name>
        </auth-constraint>                      //管理员访问

      </security-constraint>


      <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>Solr</realm-name>
      </login-config> 





baicp3
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
solr_添加用户名密码
子龙修仙的博客
05-28 4270
页面直接访问页面:http://192.168.75.101:8983/solr/就可以在页面中操作各数据,安全性不好,因此希望给solr添加一个密码。 1. 修改web.xmlsolr-5.5.3/server/solr-webapp/webapp/WEB-INF/web.xml中添加如下内容  &lt;security-constraint&gt;    &lt;web-resource-co...
solr 8.11入门教程(5)账号密码
donggongai的博客
10-31 1815
https://solr.apache.org/guide/8_11/securing-solr.html 前面增加了访问白名单,这里再增加账号密码,这样区分一下同一个ip下的不同用户,进一步提升安全性。 1、jetty方式验证 我们这里使用的jetty模式启动。 1.1 创建user.properties文件 在solr-8.11.2/server/etc目录下创建user.properties,名字可以自己定义,与solr-jetty-context.xml中保持一致。 # # 这个文件定义用户名,密码
Securing a MySQL Server on Windows
sfz_roger的专栏
09-08 899
 By Mike Hillyerlast updated: February 1, 2005IntroductionAt the end of January 2005 a new worm-like malware named Forbot spread across the Internet, targeting poorly configured MySQL installati
Securing tomcat(安全加固)
IOT之无线网络传输技术
02-22 1950
Status * Content should provide a link and references to - SecureTomcat - http://securetomcat.googlecode.com Released 14/1/2007 Author Darren Edmonds Introduction Most weaknesses in
How to Run MySQL as a Normal User
u013226430的博客
03-25 92
User On Windows, you can run the server as a Windows service using a normal user account. On Linux, for installations performed using a MySQL repository or RPM packages, the MySQL server mysqld should be started by the local mysql operating system user. St
ubuntu mysql access denied,Ubuntu安装/配置MySQL及root用户access denied报错解决
weixin_42465051的博客
03-27 480
安装MySQLsudo apt-get upgradesudo apt-get install mysql-serversudo apt-get install mysql-client运行截图配置a. 初始化配置sudo mysql_secure_installationSecuring the MySQL server deployment.Connecting to MySQL using ...
Raspberry Pi: Remote GUI access to a Linux computer using Tightvnc
`!_`5 81_09
05-19 987
DescriptionThe command line is a great way to manage a remote Linux computer if you don’t mind typing in commands, but sometimes you need to be able to view a GUI. Short of a very long cable one of the
xml中1字节的UTF-8序列的字节1无效
baicp3的专栏
12-04 4098
这是自己遇到的,原来解决方案是这样的: 把xml的encoding属性值UTF-8改为UTF8,很神奇,具体为什么也不清楚!
solr data-config.xml配置文件的见解mysql数据源
baicp3的专栏
10-16 3601
陆续完善: data-config.xml配置文件 entity name="product" dataSource="chishang" query="select id,'艺术品' cat,artists,content  'introduction',DATE_FORMAT(last_modified,'%Y-%m-%d') last_modified,focus,price,
solr 返回的json数据
baicp3的专栏
10-18 2075
上图 json为solr 返回的json数据 一下代码都是在js中操作 var property1Value = json.facet_counts.facet_fields["property1"];    这里传入的是字符串property1  因而要用双引号,也可以传入property1 property2 property3 property4 property5 和type 这
Solr SchemaXml 一些解读
baicp3的专栏
01-14 1969
Solr SchemaXml 一些解读 博客分类:  Apache Solr   The schema.xml file contains all of the details about which fields your documents can contain, and how those fields should be dealt with when add
本人自己项目中应用solr并取得需要的值
baicp3的专栏
07-04 1415
java代码中拼装solr 搜索的url  例如:java代码拼装出这样的http://localhost:8080/s/cj/select?q=*%3A*&wt=xml&indent=true  然后通过 $(function() {      dosearch(); }); function dosearch() {     var url = "${query}";     $
tomcat7 集成 solr4.3.1
baicp3的专栏
11-10 1382
本例使用的是:tomcat :apache-tomcat-7.0.41                            Solr   : solr-4.3.1   步骤一:将下载下来的,solr-conf下的solr 文件拷贝到你机器的tomcat的webapps目录下   步骤二:Solr usesUTF-8 file encoding. That means that we n
solr schema.xml配置文件的理解
baicp3的专栏
10-21 1196
data-config.xml中的 语句的理解   1.只有index=true 的字段才能做facet.field的字段,同时只有index=true该字段才能当做搜索的内容  当然store=true或者false没关系 2.store=true的好处是,从页面获取的json数据,如果该字段设置store=true则可以通过json获取该字段 同时才会在solr界面上显示 3.
solr 取参数的 用法
baicp3的专栏
02-10 1029
直接上图看吧 看我如何去year price brand tpye等 json.response.numFound  (总共多少个) json.response.docs.length   (通过分页获取到多少个) json.facet_counts.facet_fields.p3 json.facet_counts.facet_fields.type
QtConcurrent run 成员函数demo
07-29
使用Qtconcurrent run 成员函数demo
使用智能手机、智能手表和智能眼镜的人类活动数据集
最新发布
07-29
使用智能手机、智能手表和智能眼镜的人类活动数据集 数据说明: 人类移动性和活动的研究在过去开启了数量惊人的研究,其中大多数包括使用分布在受试者身体上的传感器。最近,智能设备的使用尤为相关,因为它们无处不在,并且带有精确的微型传感器。无论是智能手机、智能手表还是智能眼镜,每种设备都可以用来描述补充信息,如情绪、精确的运动或环境条件。 首先,智能手机主要用于捕获上下文数据。使用两种应用程序:一种是基于SWIPE开源传感系统(SWIPE)的简单数据收集应用程序,以及用于获取用户活动真实数据(TimeLogger)的日志应用程序。SWIPE是一个使用智能手表和智能手机进行传感、记录和处理人类动态的平台。 智能手表主要用来捕捉使用者的心率。运动数据也被收集,但由于需要配置低采样频率,因此不处于数据集的核心,这将极大地增加数据集并消耗电池。使用基于SWIPE的应用程序。 最后,使用JINS MEME智能眼镜。该型号的优点是体积小,携带方便。它没有摄像头或屏幕:它只有三种传感器:加速度计(用于检测步数或活陀螺仪(用于头部运动)和眼动仪传感器(眨眼、眼睛方向)。使用JINSMEME的官方DataLog
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) windows
04-01
This error message indicates that the user 'root' is being denied access to the database server on the local machine. This could be due to a number of factors, such as an incorrect password or insufficient permissions. To resolve this issue, you can try the following steps: 1. Double-check that you are using the correct username and password for the 'root' user. Make sure that you are not inadvertently using the wrong password or a different account. 2. Check that the 'root' user has the necessary permissions to access the database server. You may need to grant additional privileges to the 'root' user, depending on your specific configuration. 3. Verify that the MySQL server is running and accessible. If the server is not running or is not responding, you may need to restart it or troubleshoot the underlying issue. 4. If all else fails, you can try resetting the 'root' user's password using the MySQL command line client. This may require access to the server's administrative account or other privileged credentials. Overall, resolving this error will require some troubleshooting and potentially making changes to your system's configuration. It is important to proceed carefully and follow best practices for securing your database server and protecting sensitive data.
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值