On 2022-09-21 6:35 PM, Victoria Stuart (VictoriasJourney.com) wrote:
I have a standalone instance of Solr 8.11 secured with SSL and Basic Authentication.I also have a website with registered users' credentials (username, password, ...) stored in a MySQL database. Questions: 1. What is the best way to allow registered users access to a Solr core (and unregistered users to a second, limited contents "demo" core)? A PHP curl request to security.json? (I can programmatically access the MySQL data as a PDO object in a PHP script.) 2. Does the standalone-configured Solr automatically watch security.json for changes? That is, if a new user is added (or an old one removed), will the active Solr instance notice the change in security.json, and add / restrict the user? If not, can security.json be reloaded (Solr core reload) without restarting Solr? 3. Any other suggestions? I am a relative novice on Solr as a deployed service.
I would put it behind apache proxy with mod_auth_mysql -- or nginx if it has mysql auth module by now.
Dima
