Source changes - FishEye

Shows the 20 most recent commits for Solr.

sarowe committed 1813184 (3 files)
Michael Brohl committed 1812790 (11 files)
Reviews: none

Improved: Update Solr/Lucene to 7.1.0 [CVE-2017-9803] [CVE-2017-12629].

There were two security vulnerabilities and it was recommended to
upgrade to 7.1.0 asap.

The update removed the deprecated setBoost functionality during index
time. I have removed it completely to be able to update to 7.1.0.
A new indexing and query strategy has to be implemented here. Might be
follow-up work in the future.

Julian Reschke committed 1812660 (1 file)
Reviews: none

OAK-6847: oak-solr-core test failures with java 9

Tests disabled under Java 9 because they were already disabled for Java 8 as well.

Michael Brohl committed 1812583 (4 files)
Reviews: none

Improved: Removed unfinished Solr query functionality from the
codebase which was introduced with (OFBIZ-6595) and r1736878.

There is no need for a self-implemented solr query form, this is
already provided by the Solr admin page which is accessible
through the menu.

Removes obsolete requests, screens and forms.

shalin committed 1812371 (2 files)
Reviews: none

Added link to vulnerability announcement and fixed blurb on new query DSL for solr

Jan le Roux committed 1811041 (53 files)
Reviews: none

Improved: Add session tracking mode and make cookie secure

Programmatically replaces the web.xml <session-config> declarations and uses
the @WebListener annotation to start the process. This avoid to duplicates
things everywhere in web.xml files. Since the web.xml files have precedence
on annotations, the setting can be easily overridden when necessary.

Now that we also use HTTPS in ecommerce the ecommerce session cookie is
also secured.

I also noted that we had 8 weird <session-timeout> declarations:
    in solr component: <session-timeout>2</session-timeout>
    in themes: <session-timeout>1</session-timeout>

Also in Rainbowstone we lacked the <cookie-config> and <tracking-mode>
declarations. I think it's not good.

I resolve these points by simply removing the <session-config> in web.xml files
of themes and Solr.

Thanks: Pradhan Yash Sharma for review

ofbiz trunk
Chris Lambertus <> committed b6ca3151329d7b2bca643ea07827048c22d62c30 (1 file)
Reviews: none

add httpd config for solr mapping to cwiki-test per INFRA-14849

Jan le Roux committed 1800484 (2 files)
Reviews: none

Improved: Missing Java Option solr.log.dir. Logging may be missing or incomplete

This fixes and completes r1800457
I put a wrong path in for solr.log.dir
(/runtime/indexes/solr instead of runtime/logs/solr).
This also adds the log level.

Not sure this has a real impact on Solr logging (from the
Solr admin UI does not seem to work.) But at least we no longer have this
annoying message. People interested in Solr logging will dig in...

Jan le Roux committed 1800457 (4 files)
Reviews: none

Improved: Missing Java Option solr.log.dir. Logging may be missing or incomplete

The tip suggested by Jinghai I committed at r1795781 did not work.

This reverts r1795781 and offers a better solid solution.

Byproduct: fixes imports and tabs in

Jan le Roux committed 1800453 (1 file)
Reviews: none

Fixed: Could not obtain Lock on lucene index Lock

At r1794771 Jinghai committed for OFBIZ-8316 with this comment
 Updated Solr from 6.2.1 to 6.5.1...[snip]...

But unfortunately he reintroduced the path for indexes to
/runtime/indexes/products which breaks OFBIZ-7265 on this aspect where I then
set it to runtime/indexes/solr to not confuse with Lucene index

I have decide to make things even more clear by using now

I hope nobody will break it again, even if it has no functional impact.

Cassandra Targett committed 1799474 (1 file)
Reviews: none

SOLR-10930: refine redirect rule so it only applies to beginning of URL path

tommaso committed 1796147 (2 files)
tommaso committed 1796146 (2 files)
tommaso committed 1796145 (2 files)