Enable Http Authentication On A Solr Cluster

To have all requests into your solr cluster use http authentication we will install the apache http server and use it as a reverse proxy to server requests to your cluster.


You can achieve it by following these steps - 


1. Enable mod_proxy module in Apache http server

Documentation - http://httpd.apache.org/docs/2.2/mod/mod_proxy.html

2. The solr server is running on http://localhost:8983/solr

3. Create a http authentication password with "htpasswd -c /etc/apache2/passwords <user>"

Documentation - http://httpd.apache.org/docs/2.2/howto/auth.html

4. This is what your proxy configuration should look like -

ProxyPass /lucid/ http://localhost:8983/solr/

ProxyPassReverse /lucid/ http://localhost:8983/solr/

ProxyPass /solr http://localhost:8983/solr

<Location /lucid>
AuthType Basic
AuthUserFile "/etc/apache2/passwords"
AuthName <user>
require valid-user


Now I query like this - http://localhost/lucid/collection1/select?q=*

You could go the admin UI http://localhost/lucid/ or http://localhost/solr


Note - You could need to enable SSL so that passwords aren't sent out in clear text.


The disadvantage of using such a mechanism would be - In SolrCloud when indexing documents using CloudSolrServer you could earlier hit the leader of that shard directly. Now you have to index documents against the reverse proxy and hence an extra network call.

This is the best way to achieve http authentication till this patch gets committed in Solr





Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk