Feature #5947
Secure SOLR connection (auth)
| Status: | Closed | Start date: | 2010-01-10 | |
|---|---|---|---|---|
| Priority: | Won't have this time | Due date: | ||
| Assignee: | - | % Done: | 0% |
|
| Category: | - | |||
| Target version: | - | |||
| TYPO3 Version: | Has patch: | |||
| PHP Version: | Tags: | |||
| Votes: | 0 |
Description
If a central solr server is used by multiple query services there should be a way to secure the connection.
Since SOLR Webservice is based on http one sould use http features:
1) http based authentification (configured in tomcat)
2) new configuration for tx_solr http_user / http_password
(+ check https connection works?)
Related issues
| related to Apache Solr for TYPO3 CMS - Bug #11026: Solr extension is broken in secure environments | Closed | 2010-11-23 | ||
| related to Apache Solr for TYPO3 CMS - Feature #11027: Update SolrPhpClient to latest revision with plugable HTT... | Closed | 2010-11-23 |
History
Updated by Ingo Renner over 3 years ago
- Status changed from New to Accepted
Agreed, we could use tx_solr_Service to override the specific methods in Apache_Solr_Service that make the request. tx_solr_Service should use the methods provided by t3lib_div, making use of curl.
Updated by Olivier Dobberkau over 3 years ago
Another option could be running SOLR behind a Proxy with SSL and mod_auth. You basically do not want to configure that stuff on the Tomcat...
We are also evaluating a HMAC or OAuth for this kind of Stuff.
Updated by Ingo Renner over 1 year ago
- Status changed from Accepted to Closed
- Priority changed from Should have to Won't have this time
Since anything that works with HTTP can be used we leave this to the user.