solr后台自带是没有登录功能的,默认访问地址是:http://localhost:8983/solr/#/(内置jetty运行)。
要给sorl后台增加登录验证方法:
1、使用web服务器的登录验证(例如jetty、tomcat)
这种方式好处是不需要另外写代码,只需配置一下对应的web服务器就行了。
2、使用web过滤器过滤地址验证
这种方法是更加灵活,缺点是需要点代码开发。
本文介绍的是第二种方法:
SolrLoginFilter.java
package com.penngo.solr;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
public class SolrLoginFilter implements Filter {
public void init(FilterConfig config) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse = (HttpServletResponse)response;
HttpSession session = httpRequest.getSession();
String url = httpRequest.getRequestURL().toString();
String userAgent = httpRequest.getHeader("user-agent");
String query = httpRequest.getQueryString();
String servletPath = httpRequest.getServletPath();
String contextPath = httpRequest.getContextPath();
System.out.println("url======="
+ ", url:" + url + ", servletPath:" + servletPath + ", contextPath:" + contextPath + ", query:" + query
+ ", userAgent:" + userAgent);
Object isLogin = session.getAttribute("isLogin");
if(isLogin == null || ((boolean)isLogin) != true) {
String user = StringUtils.isEmpty(request.getParameter("user")) == false ? request.getParameter("user") : "";
String password = StringUtils.isEmpty(request.getParameter("password")) == false ? request.getParameter("password") : "";
if(user.equals("admin") == true && password.equals("123") == true) {
session.setAttribute("isLogin", true);
httpResponse.sendRedirect(contextPath);
return;
}
else {
httpRequest.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
out.println(loginPage());
out.close();
return;
}
}
chain.doFilter(request, response);
}
public void destroy() {
}
private String loginPage() {
String page = "<html>\n"
+ "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n"
+ "<body>\n"
+ "<form action=\"/solr/login\">\n"
+ "用户名:<input type=\"text\" name=\"user\" value=\"\"></br></br>\n"
+ "密  码:<input type=\"password\" name=\"password\"></br></br>\n"
+ "<button type=\"submit\" >登录 </button>\n"
+ "</form>\n"
+ "</body\n"
+ "</html>";
return page;
}
}
在原来的web.xml中增加过滤器配置
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5"
metadata-complete="true"
>
<!-- 配置登录过滤器 -->
<filter>
<filter-name>SolrLoginFilter</filter-name>
<filter-class>com.penngo.solr.SolrLoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SolrLoginFilter</filter-name>
<url-pattern>/</url-pattern>
</filter-mapping>
<!-- 配置登录过滤器 -->
<!-- Any path (name) registered in solrconfig.xml will be sent to that filter -->
<filter>
<filter-name>SolrRequestFilter</filter-name>
<filter-class>org.apache.solr.servlet.SolrDispatchFilter</filter-class>
<!--
Exclude patterns is a list of directories that would be short circuited by the
SolrDispatchFilter. It includes all Admin UI related static content.
NOTE: It is NOT a pattern but only matches the start of the HTTP ServletPath.
-->
<init-param>
<param-name>excludePatterns</param-name>
<param-value>/partials/.+,/libs/.+,/css/.+,/js/.+,/img/.+,/templates/.+</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>SolrRequestFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>LoadAdminUI</servlet-name>
<servlet-class>org.apache.solr.servlet.LoadAdminUiServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>SolrRestApi</servlet-name>
<servlet-class>org.restlet.ext.servlet.ServerServlet</servlet-class>
<init-param>
<param-name>org.restlet.application</param-name>
<param-value>org.apache.solr.rest.SolrSchemaRestApi</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>LoadAdminUI</servlet-name>
<url-pattern>/index.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SolrRestApi</servlet-name>
<url-pattern>/schema/*</url-pattern>
</servlet-mapping>
<mime-mapping>
<extension>.xsl</extension>
<!-- per http://www.w3.org/TR/2006/PR-xslt20-20061121/ -->
<mime-type>application/xslt+xml</mime-type>
</mime-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<!-- Get rid of error message -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Disable TRACE</web-resource-name>
<url-pattern>/</url-pattern>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint/>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Enable everything but TRACE</web-resource-name>
<url-pattern>/</url-pattern>
<http-method-omission>TRACE</http-method-omission>
</web-resource-collection>
</security-constraint>
</web-app>
运行结果: