To clarify - in my case the web page has an input / search element that connects to Solr (running in the background) via an Ajax script.
============================================================================== Let PHP map your app users to Solr core, and keep the connection between PhP and Solr simple with the same basic auth user always. No need for Solr to know about end uses in the setup you describe. Jan Høydahl =============================================================================== 23. sep. 2022 kl. 06:28 skrev Victoria Stuart (VictoriasJourney.com) <m...@victoriasjourney.com>: I have a standalone instance of Solr 8.11 secured with SSL and Basic Authentication. I also have a website with registered users' credentials (username, password, ...) stored in a MySQL database. Questions: 1. What is the best way to allow registered users access to a Solr core (and unregistered users to a second, limited contents "demo" core)? A PHP curl request to security.json? (I can programmatically access the MySQL data as a PDO object in a PHP script.) 2. Does the standalone-configured Solr automatically watch security.json for changes? That is, if a new user is added (or an old one removed), will the active Solr instance notice the change in security.json, and add / restrict the user? If not, can security.json be reloaded (Solr core reload) without restarting Solr? 3. Any other suggestions? I am a relative novice on Solr as a deployed service. ==============================================================================
