Solr Admin UI with restricted authorization

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Solr Admin UI with restricted authorization

Yang, Ya Lan
Dear Solr support team,

Hope you are doing well in this difficult time! I have 2 quick questions:
  1. Are we able to restrict Admin UI's functions? For example, blocking the update (insert/delete/edit) functions on the Admin UI. My colleagues would like to open this Admin UI to users, but I think this is too risky because accessing Admin UI can edit the data and even bring down the Solr instance. Please correct me if I am wrong.
  2. I implemented the Authentication and Authorization Plugins to our solr instance using your super helpful guide. I wonder is there any UI we can manage/configure the users' accounts and permissions instead of using the commands
Thank you!

Ya-Lan Yang
Software Engineer
Cline Center for Advanced Social Research
University of Illinois Urbana-Champaign
217.244.6641
[hidden email]

Cline Center for Advanced Social Research
2001 S. First St. Suite 207, MC-689
Champaign, IL  61820-7478
www.clinecenter.illinois.edu


Reply | Threaded
Open this post in threaded view
|

Re: Solr Admin UI with restricted authorization

Jörn Franke
You can restrict the admin UI by limiting access using the authorization plugin. I would though not give access to end users for the admin UI.  A good practice is to create your own web application running on a dedicated server that manages all the authentication / authorization and provides a UI for the end users. Then you can manage access in a dedicated enterprise directory and also implement single sign-on etc.


You cannot manage users in the admin UI and you will see it gets very cumbersome with many different users.

Also from a usability point of view the admin UI does not make sense for end users.



> Am 29.05.2020 um 22:08 schrieb Yang, Ya Lan <[hidden email]>:
>
> 
> Dear Solr support team,
>
> Hope you are doing well in this difficult time! I have 2 quick questions:
> Are we able to restrict Admin UI's functions? For example, blocking the update (insert/delete/edit) functions on the Admin UI. My colleagues would like to open this Admin UI to users, but I think this is too risky because accessing Admin UI can edit the data and even bring down the Solr instance. Please correct me if I am wrong.
> I implemented the Authentication and Authorization Plugins to our solr instance using your super helpful guide. I wonder is there any UI we can manage/configure the users' accounts and permissions instead of using the commands?
> Thank you!
>
> Ya-Lan Yang
> Software Engineer
> Cline Center for Advanced Social Research
> University of Illinois Urbana-Champaign
> 217.244.6641
> [hidden email]
>
> Cline Center for Advanced Social Research
> 2001 S. First St. Suite 207, MC-689
> Champaign, IL  61820-7478
> www.clinecenter.illinois.edu
>
>