We have several instances of EC2 running Solr in EC2, which we used in the past through another application. We would like to make sure that users (via a web browser) can directly access Solr.
Without something “ahead” of Solr, this leads to a security risk, so we decided to try using ELB (in particular, Application Load Balancer) as a simple and maintenance-free way to prevent certain requests from SOLR (that is, preventing DELETING from being published or otherwise modifying documents in Solr).
This worked great, but we understand that we need to deal with the CORS problem . In other words, we need to add the appropriate headers to the requests coming from the browser. I have not yet seen a way to do this with the Application Load Balancer, but I am wondering if this is possible. If this is not possible, I would like for an additional recommendation to be a simpler and least complicated way to add these headers. We really really hate adding something like nginx in front of Solr, because then we have extra redundancy, more servers, etc.
Thank!
source
share