Update: After following the documented Basic Auth instructions and setting up security.json (with setting "forwardCredentials": true) on all nodes involved I was able to observe security enabled for the Solr Admin UI and for basic /select queries, however was not able to execute queries with a "shards" parameter set to URLs to Solr cores.
However, after enabling the following settings on all 3 Solr nodes - the shard list query worked!! solr/bin/solr.in.sh SOLR_AUTH_TYPE="basic" SOLR_AUTHENTICATION_OPTS="-Dbasicauth=solr:SolrRocks" I was a little surprised about this (but glad I found it). I figured the security.json with forwardCredentials was all that would be needed for forwarding queries to shards. Regarding authentication on replication. I have not tested yet, but did discover Auth parameters for follower configuration. [image: image.png] On Mon, Sep 23, 2024 at 12:18 PM mtn search <search...@gmail.com> wrote: > Hello, > > I see from the documentation - > https://solr.apache.org/guide/solr/latest/deployment-guide/securing-solr.html > - there are a number of options to secure Solr. > > Any recommendations for securing Solr in User-Managed mode? > Particularly how to handle these cases: > > - Security between leader and follower for replication calls. > - Security between Solr nodes, when an aggregator node makes a query > to another Solr node in the shards list to fulfill the original query. > > Thanks, > Matt >
