After the forbidden API checker was released separately from Lucene as a Google Code project (forked and improved), including Maven support, the checks on Lucene should be changed to work per-module.
The reason for this is: The improved checker is more picky about e.g. extending classes that are forbidden or overriding methods and calling super.method() if they are on the forbidden signatures list. For these checks, it is not enough to have the class files and the rt.jar, you need the whole classpath. The forbidden APIs 1.0 now by default complains if classes are missing from the classpath.
It is very hard with the module architecture of Lucene/Solr, to make a uber-classpath, instead the checks should be done per module, so the default compile/test classpath of the module can be used and no crazy path statements with */.jar are needed. This needs some refactoring in the exclusion lists, but the Lucene checks could be done by a macro in common-build, that allows custom exclusion lists for specific modules.
Currently, the "strict" checking is disabled for Solr, so the checker only complains about missing classes but does not fail the build:
I added almost all missing jars, but those do not seem to be in the solr part of the source tree (i think they are only copied when building artifacts). With making the whole thing per module, we can use the default classpath of the module which makes it much easier.