Copy link to clipboard
Copied
I am trying to use basic authentication with Solr and ColdFusion but am running into 2 issues.
I have done the following:
Issue 1: The collections are not available in CFADMIN > Data & Services > ColdFusion Collections. The error is:
Unable to retrieve collections from the Search Services. Ensure that you have installed ColdFusion Search Service and it is running.
Issue 2: When I try to reindex collections the cfcatch detail and message are:
It has been configured as http://localhost:8993/solr. SOLR server is not accessible.
So it seems like CFADMIN is not correctly authenticating to Solr.
Anyone have any thoughts?
Thanks in advance.
Copy link to clipboard
Copied
I have no idea whether ColdFusion supports using Basic Authentication when connecting to Solr. Unless you need Basic Authentication for some other Solr users outside of CF, I recommend you limit remote access entirely using IP restrictions. You can do that directly on the local machine using whatever firewall software it has.
Dave Watts, Eidolon LLC
Copy link to clipboard
Copied
It seems odd that ColdFusion would provide fields to enter credentials in the Data & Services > Solr Server tab if it was not supported, but maybe I'm missing something.
A security scan at my organization doesn't like that Solr provides information without authentication at the address http://MACHINENAME:8993/solr/.
So, would blocking port 8993 to external traffic with a firewall rule prohibit accessing that info? I don't believe a can edit firewall rules because those are controlled by an Enterprise level IT group ant my organization but if this is the only solution perhaps I can request it.
Copy link to clipboard
Copied
It does seem odd. But you don't have to worry about it. Blocking external access to that port would make Solr entirely inaccessible to the security scan, and is arguably more secure. I recommend requesting that solution from your IT group.
Dave Watts, Eidolon LLC