hacioguz / solr-php-client

Automatically exported from code.google.com/p/solr-php-client
Other
0 stars 0 forks source link

SolrPhpClient does not support HTTP Auth #4

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
I'm currently trying to use SolrPhpClient with the Drupal apachesolr
module. Because of security concerns, we'd like keep this instance's admin
interfaces require authentication, and we're using HTTP Basic for the time
being. We've set the instance and the servlet container up appropriately
and confirmed that it works.

However, there's no place to pass SolrPhpClient the username and password.
I've tried including it as part of the $host variable that gets passed to
__construct() (e.g. 'user:pass@host') as that should work with the
file_get_contents() calls in _sendRawGet() and _sendRawPost. However, this
doesn't work for ping(), as it uses fsockopen() instead.

Original issue reported on code.google.com by mark.matienzo on 10 Mar 2009 at 7:55

GoogleCodeExporter commented 8 years ago
The ping function can probably be reworked to just use fopen - hopefully 
easily. The original reason for using 
fsockopen was that it allowed us to control the socket connection timeout 
value. I'm not sure this is possible 
with fopen and a stream context (there is a timeout option, but I believe its 
only for read operations). I will 
have to experiment.

As an interim alternative to HTTP basic authentication I suggest using an IP 
based white list. If you're using 
apache tomcat for your servlet container you can use the Remove Address Filter 
valve: http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html

Original comment by donovan....@gmail.com on 10 Mar 2009 at 9:06

GoogleCodeExporter commented 8 years ago
Does ping() actually need to write over the socket?

Original comment by mark.matienzo on 10 Mar 2009 at 10:00

GoogleCodeExporter commented 8 years ago
Can you test my commit: 
http://code.google.com/p/solr-php-client/source/detail?r=6  

Original comment by donovan....@gmail.com on 12 Mar 2009 at 3:49

GoogleCodeExporter commented 8 years ago
Confirmed that ping now works with 'username:password@host'  host configuration 
against tomcat basic 
authentication security constraint.

Original comment by donovan....@gmail.com on 13 Mar 2009 at 10:43

GoogleCodeExporter commented 8 years ago
I've confirmed it as well. Thanks again!

Original comment by mark.matienzo on 17 Mar 2009 at 3:44

GoogleCodeExporter commented 8 years ago
While this is good for consistancy, we've overriden some of the methods 
_rawPost and
_rawGet specifically because they used stream_context and we wanted to support 
users
on shared hosts for whom curl or fsock is the only option.

What do you think about our earlier discussion re: switching to a (admitedly) 
more
complex but more widely available option?  Since you're using PEAR style 
syntax, I
suppose the PEAR HTTP library isn't too far a stretch, right?  Perhaps too much
overhead though.

Best,
Jacob

Original comment by jacobsi...@gmail.com on 18 Mar 2009 at 6:30

GoogleCodeExporter commented 8 years ago
Just started using SolrPhpClient, and agree with Jacob that using Curl would be 
better.

In addition to finer control over timeouts (can set connection as well as normal
timeouts) it's more flexible, and seems about as fast as file_get_contents. A 
little
more memory is used, but I doubt that's much of an issue.

Curl also has the advantage of keeping the connection open if doing multiple
requests, which is bound to be faster than opening it each time.

Cameron.

Original comment by macro...@gmail.com on 18 Jan 2010 at 5:03