Ignore:
Timestamp:
2018-09-06T22:34:17+12:00 (6 years ago)
Author:
ak19
Message:

solr should only be accessible locally (from localhost, specifically 127.0.0.1) which means over http. This conflicted with the previous design of the properties file for working with http and/or https. Now we have tomcat.port.https and localhost.port.http, both always set. In place of server.protocol that used to contain the default protocol, we now have server.protocols which can be set to a comma separated list of one or both of http and https. Drastic restructuring followed. I think I've tested all but https certification stuff.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • gs3-extensions/solr/trunk/src/src/java/org/greenstone/gsdl3/service/GS2SolrSearch.java

    r32419 r32430  
    9696            Properties globalProperties = new Properties();
    9797            globalProperties.load(Class.forName("org.greenstone.util.GlobalProperties").getClassLoader().getResourceAsStream("global.properties"));
     98           
     99            /*
    98100            String host = globalProperties.getProperty("tomcat.server", "localhost");
    99101            //String port = globalProperties.getProperty("tomcat.port.http", "8383");
     
    107109            String portStr = port.equals("80") ? "" : ":"+port;
    108110            solr_servlet_base_url = protocol+"://"+host+portStr+"/"+solrContext;
     111            */
     112
     113            // The solr servlet is only accessible locally (from "localhost",  specifically 127.0.0.1).
     114            // for security reasons, as we don't want non librarian users
     115            // to go to the solr servlet and delete solr cores or something.
     116            // The security Valve element in the tomcat solr.xml context file restricts
     117            // access to 127.0.0.1, but here we ensure that the solr URL is the local http one
     118            // and not any https with domain name and https port.
     119            // Note that we use 127.0.0.1 instead of literally "localhost" since localhost is unsafe
     120            ProtocolPortProperties protocolPortProps = new ProtocolPortProperties(globalProperties); // can throw Exception
     121            String solrContext = globalProperties.getProperty("solr.context", "solr");
     122            solr_servlet_base_url = protocolPortProps.getLocalHttpBaseAddress()+"/"+solrContext;
     123
    109124        } catch(Exception e) {
    110125            logger.error("Error reading greenstone's tomcat solr server properties from global.properties", e);
Note: See TracChangeset for help on using the changeset viewer.