Installing SOLR 4.9 with Tomcat 7 on Debian Wheezy


First of all, let's install Java:

apt-get install openjdk-7-jre-headless

Installing Tomcat:

apt-get install tomcat7 tomcat7-admin

You should now be able to open http://<your-ip>:8080/ in a web browser.

Configuring Tomcat manager auth:

The tomcat7-admin package comes with two web apps: Web Application Manager and Virtual Host Manager. For security reasons none of them are accessible by default. 

To enable it, add the following into /etc/tomcat7/tomcat-users.xml just before the closing </tomcat-users> tag and change username and password:

<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<user username="admin" password="1234" roles="manager-gui,admin-gui"/>

After having restarted tomcat: /etc/init.d/tomcat7 restart
You should be able to access these 2 apps with your username and password that you've chosen above:
http://<your-ip>:8080/manager/html
http://<your-ip>:8080/host-manager/html

Installing Solr:

wget http://archive.apache.org/dist/lucene/solr/4.9.0/solr-4.9.0.tgz
tar -xvpf solr-4.9.0.tgz

Now copy some required libraries into Tomcat’s classpath:

cp -rv ~/solr-4.9.0/example/lib/ext/* /usr/share/tomcat7/lib

Next, Solr’s WAR file has to be placed inside Tomcat’s webapps directory:

cp ~/solr-4.9.0/dist/solr-4.9.0.war /var/lib/tomcat7/webapps/solr.war

The final step is copying the example app’s support files to Tomcat’s Catalina base folder and updating the permissions:

cp -rv ~/solr-4.9.0/example/solr /var/lib/tomcat7
chown -R tomcat7:tomcat7 /var/lib/tomcat7/solr

Now restart Tomcat:

/etc/init.d/tomcat7 restart

You should now be able to access the Solr admin page:
http://<your-ip>:8080/solr

Secure SOLR:

Just edit /var/lib/tomcat7/webapps/solr/WEB-INF/web.xml and insert the following block before the closing </web-app> tag:

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Solr GUI Authentication</web-resource-name>
    <url-pattern>/*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
  </web-resource-collection>
  <auth-constraint>
    <role-name>solr-gui</role-name>
  </auth-constraint>
  <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
  </user-data-constraint>
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
</login-config>

This will add app-wide authentication in plain HTTP with a basic password prompt for the role solr-gui.

You then need to add your role to /etc/tomcat7/tomcat-users.xml file:

<user username="admin" password="1234" roles="manager-gui,admin-gui,solr-gui"/>

To make these changes take effect, you should restart tomcat once more:
/etc/init.d/tomcat7 restart