I'm setting up Solr using Jetty. I would like to restrict access to only a few IP addresses. It doesn't seem immediately obvious that this can be done using Jetty. Is it possible and if so, how?
相关问题
- Solr Deduplication (dedupe) giving all zeros in si
- Problem with cometd and jetty 6 / 7
- Solr (Sunspot), max results more than 30?
- Serving static html files using DefaultServlet on
- Lucene Query on a DateField indexed by Solr
相关文章
- Solr - _version_ field must exist in schema and be
- PostgreSQL field data type for IPv4 addresses
- How to use Jetty with Let's Encrypt certificat
- Integrating Jetty with RESTEasy
- How to find that an IP address is a LAN IP or WAN
- Direct IP call android
- SolrNet - Score always 0
- Automate ftp upload to ip
Solr 4.2.1 uses Jetty 8.1.8. Jetty 8 (as noted by jonas789) doesn't support .htaccess. Instead, it uses IPAccessHandler, which doesn't have great documentation available. I had to play with it quite a bit to get it work, so I'm posting an updated solution here.
IPAccessHandler manages a blacklist and a whitelist, accepts arbitrary ranges of IPs, and supports attaching specific URI paths to each white/black -list entry. IPAccessHandler also subclasses HandlerWrapper, which turns out to be important.
The solr app still lives in a WebAppContext (as in Lyndsay's solution), but a WebAppContext is now governed by a ContextHandler, which resides in a ContextHandlerCollection occupying the first handler slot in the server. To stop requests from the wrong IP from getting to the app, we need to wrap it inside an IPAccessHandler somewhere along that path. IPAccessHandler behaves oddly if it's in the wrong spot: I tried inserting it before the context handlers and it gave 403 Forbidden to the wrong machines, threw NullPointerException tantrums with no additional error messages, all sorts of nonsense. I finally got it to work by wrapping the ContextHandlerCollection itself, at the server level.
Go to
etc/jetty.xml
and scroll to the handlers section. Then wrap the existing ContextHandlerCollection item as follows:Resources:
I found the solution.
Firstly, extract the contents of solr.war in the example/webapps folder. Then create a file called .htaccess and place it in the example/webapps/solr folder (the one you just extracted) containing the following:
In example/etc/ edit the jetty.xml file and comment out the org.mortbay.jetty.deployer.WebAppDeployer part. Then finally create a folder in example/ called contexts (if one does not yet exist) and add a file called solr.xml to it containing:
Then start up your new secure solr!