Help

Shared Secret Communication Mode for Repository and SOLR

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Shared Secret Communication Mode for Repository and SOLR

angelborroy
Alfresco Employee
1 13 12.1K
‎20 Oct 2021 1:36 PM

ACS 7.1 includes a new mode for Alfresco/SOLR Communication named secret.

This is an additional mode to the existent ones (http and mtls) that provides an intermmediate level of security to protect this communications from unauthorized access.

Communication between Repository and SOLR happens using plain HTTP protocol with a Shared Secret in HTTP Header.

Configuration for Alfresco Repository

Recommended settings for alfresco-global.properties or Java Environment variables.

solr.host=solr6
solr.port=8983
solr.secureComms=secret
solr.sharedSecret=secret

You may use a more complex secret word than "secret" for your "solr.sharedSecret" property.

Configuration for Search Services

Recommended settings for solrcore.properties (remember to add these settings to both cores: alfresco and archive)

alfresco.host=alfresco
alfresco.port=8080
alfresco.secureComms=secret
alfresco.secureComms.secret=secret

You must use the same secret word configured in repository property ("solr.sharedSecret") as "alfresco.secureComms.secret" value.

This mode doesn't include authentication by default, but it will require to add the shared secret word ("secret" in the abova sample) in HTTP Header requests using by default X-Alfresco-Search-Secret property.

Accessing SOLR Web Console requires using a Browser plugin to add this header to the HTTP Request.

Additional information

More information about Alfresco/SOLR Communication modes is available in:

Deployment source code for the different modes is available in https://github.com/AlfrescoLabs/alfresco-solr-comm

Labels
About the Author
Angel Borroy is Hyland Developer Evangelist. Over the last 15 years, he has been working as a software architect on Java, BPM, document management and electronic signatures. He has been working with Alfresco during the last years to customize several implementations in large organizations and to provide add-ons to the Community based on Record Management and Electronic Signature. He writes (sometimes) on his personal blog http://angelborroy.wordpress.com. He is (proud) member of the Order of the Bee.
13 Comments
Alfresco Content Services Blog

Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.

Related links:

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.