Solr_09_建立solr系統驗證

參考資料 https://wiki.apache.org/solr/SolrSecurity

1.到 C:\solr-4.10.0\example\etc 資料夾

編輯jetty.xml

加入以下內容

<Call name="addBean"> <Arg> <New class="org.eclipse.jetty.security.HashLoginService"> <Set name="name">Solr Realm</Set> <Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set> <Set name="refreshInterval">0</Set> </New> </Arg> </Call>

2.編輯webdefault.xml

加入以下內容

<security-constraint> <web-resource-collection> <web-resource-name>Solr authenticated application</web-resource-name> <url-pattern>/</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin-role</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Solr Realm</realm-name> </login-config>

新增realm.properties檔案

內容格式如下

admin: password, admin-role

solrjAPI使用時進行驗證

新增PreemptiveAuthInterceptor.java 內容如下

/* * To change this license header, choose License Headers in Project Properties. To change this * template file, choose Tools | Templates and open the template in the editor. */ package com.cy.solrjsearch; import java.io.IOException; import org.apache.http.HttpException; import org.apache.http.HttpHost; import org.apache.http.HttpRequest; import org.apache.http.HttpRequestInterceptor; import org.apache.http.auth.AuthScope; import org.apache.http.auth.AuthState; import org.apache.http.auth.ContextAwareAuthScheme; import org.apache.http.auth.Credentials; import org.apache.http.client.CredentialsProvider; import org.apache.http.client.protocol.ClientContext; import org.apache.http.impl.auth.BasicScheme; import org.apache.http.protocol.ExecutionContext; import org.apache.http.protocol.HttpContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; /** * * @author shaun */ public class PreemptiveAuthInterceptor implements HttpRequestInterceptor { private static final Logger logger = LoggerFactory.getLogger(PreemptiveAuthInterceptor.class); protected ContextAwareAuthScheme authScheme = new BasicScheme(); @Override public void process(final HttpRequest request, final HttpContext context) throws HttpException, IOException { AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE); // If no auth scheme avaialble yet, try to initialize it // preemptively if (authState.getAuthScheme() == null) { CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER); HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST); Credentials creds = credsProvider .getCredentials(new AuthScope(targetHost.getHostName(), targetHost.getPort())); if (creds == null) throw new HttpException("No credentials for preemptive authentication"); authState.setAuthScheme(new BasicScheme()); authState.setCredentials(creds); } } public ContextAwareAuthScheme getAuthScheme() { return authScheme; } public void setAuthScheme(final ContextAwareAuthScheme authScheme) { this.authScheme = authScheme; } }

在引用SolrServer時需修改如下

PoolingClientConnectionManager cxMgr = new PoolingClientConnectionManager(SchemeRegistryFactory.createDefault()); cxMgr.setMaxTotal(100); cxMgr.setDefaultMaxPerRoute(20); DefaultHttpClient httpclient = new DefaultHttpClient(cxMgr); httpclient.addRequestInterceptor(new PreemptiveAuthInterceptor(), 0); httpclient.getCredentialsProvider().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("admin", "admin")); solr = new HttpSolrServer(URL, httpclient); solr.setRequestWriter(new BinaryRequestWriter()); solr.setAllowCompression(true);

如果單純只有query的話，就不用那麼麻煩

HttpSolrServer solr = new HttpSolrServer(URL); HttpClientUtil.setBasicAuth((DefaultHttpClient) solr.getHttpClient(), "admin", "admin");