ACS 7.1 includes a new mode for Alfresco/SOLR Communication named secret.
This is an additional mode to the existent ones (http and mtls) that provides an intermmediate level of security to protect this communications from unauthorized access.
Communication between Repository and SOLR happens using plain HTTP protocol with a Shared Secret in HTTP Header.
Configuration for Alfresco Repository
Recommended settings for alfresco-global.properties or Java Environment variables.
solr.host=solr6
solr.port=8983
solr.secureComms=secret
solr.sharedSecret=secret
You may use a more complex secret word than "secret" for your "solr.sharedSecret" property.
Configuration for Search Services
Recommended settings for solrcore.properties (remember to add these settings to both cores: alfresco and archive)
alfresco.host=alfresco
alfresco.port=8080
alfresco.secureComms=secret
alfresco.secureComms.secret=secret
You must use the same secret word configured in repository property ("solr.sharedSecret") as "alfresco.secureComms.secret" value.
This mode doesn't include authentication by default, but it will require to add the shared secret word ("secret" in the abova sample) in HTTP Header requests using by default X-Alfresco-Search-Secret property.
Accessing SOLR Web Console requires using a Browser plugin to add this header to the HTTP Request.
Additional information
More information about Alfresco/SOLR Communication modes is available in:
Deployment source code for the different modes is available in https://github.com/AlfrescoLabs/alfresco-solr-comm
