How to secure solr 6 admin page

Installed Solr6.1 on Ubuntu14 and imported data from MySql table. Can somebody guide me how to secure mydomain/ip:8983/solr from public.

I tried instructions given on https://cwiki.apache.org/confluence/display/solr/Basic+Authentication+Plugin but zookeepr connection failed while adding security.json.

回答1:

First of all go to your webdefault.xml present in etc directory . Put follwing lines in your web.xml .

<login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>samplerealm</realm-name>
    </login-config>

 <security-constraint>
        <web-resource-collection>
            <web-resource-name>Secure resources</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>user</role-name>
        </auth-constraint>
    </security-constraint>

In etc folder, create a samplerealm.txt file and add follwing content to that file user1: user1pass,user . Here user1 is your username and user1pass is the password , for the role user which you just defined in web.xml. After that go to jetty.xml file in your etc folder and look for following line <Configure id="Server" class="org.eclipse.jetty.server.Server"> Just below this line paste the following code :

  <Call name="addBean">
    <Arg>
      <New class="org.eclipse.jetty.security.HashLoginService">
        <Set name="name">samplerealm</Set>
        <Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/samplerealm.txt</Set>
        <Set name="refreshInterval">0</Set>
      </New>
    </Arg>
  </Call>

After that , stop and restart your Solr server . When you visit solr page now, it will ask you for credentials . Provide user1 as your username and user1pass as password , as declared in your sample realm.txt file . Later on, you can change the password as you wish . This is how you do a http basic authentication in Solr . It works 100% . Let me know if that helps :)

回答2:

You could enable SSL. I'm not sure whether that's the desired security - you'll have to provide more info.

With SSL are you atleast able to encrypt communication between the SolrCloud and clients, along with the inter-Solr-node-communication.

Link for enabling SSL: https://cwiki.apache.org/confluence/display/solr/Enabling+SSL