Password protect Solr admin

Solr HTTP admin interface is per default unprotected and can be accessed by everyone.
To secure the interface with HTTP web authentication follow these steps.

Open:
[shell]C:\Tomcat\webapps\solr\WEB-INF\web.xml[/shell]

After:
[xml]<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5"
metadata-complete="true">[/xml]

Insert:
[xml]<security-constraint>
<web-resource-collection>
<web-resource-name>
Solr Lockdown
</web-resource-name>
<url-pattern>/</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>solr_admin</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Solr</realm-name>
</login-config>
<security-role>
<description>solr users</description>
</security-role>[/xml]

Open:
[shell]C:\Tomcat\conf\tomcat-users.xml[/shell]

Inside [xml]<tomcat-users> </tomcat-users>[/xml] insert:
[xml]<user name="myUsername" password="myPassword" roles="admin-gui,manager-gui,solr_admin"></user>[/xml]