I'm currently trying to use SolrPhpClient with the Drupal apachesolr module. Because of security concerns, we'd like keep this instance's admin interfaces require authentication, and we're using HTTP Basic for the time being. We've set the instance and the servlet container up appropriately and confirmed that it works.

However, there's no place to pass SolrPhpClient the username and password. I've tried including it as part of the $host variable that gets passed to __construct() (e.g. 'user:pass@host') as that should work with the file_get_contents() calls in _sendRawGet() and _sendRawPost. However, this doesn't work for ping(), as it uses fsockopen() instead.

The ping function can probably be reworked to just use fopen - hopefully easily. The original reason for using fsockopen was that it allowed us to control the socket connection timeout value. I'm not sure this is possible with fopen and a stream context (there is a timeout option, but I believe its only for read operations). I will have to experiment.

As an interim alternative to HTTP basic authentication I suggest using an IP based white list. If you're using apache tomcat for your servlet container you can use the Remove Address Filter valve: http://tomcat.apache.org/tomcat-6.0-doc/config/valve.html

Does ping() actually need to write over the socket?

Can you test my commit: http://code.google.com/p/solr-php-client/source/detail?r=6

Confirmed that ping now works with 'username:password@host' host configuration against tomcat basic authentication security constraint.

I've confirmed it as well. Thanks again!

While this is good for consistancy, we've overriden some of the methods _rawPost and _rawGet specifically because they used stream_context and we wanted to support users on shared hosts for whom curl or fsock is the only option.

What do you think about our earlier discussion re: switching to a (admitedly) more complex but more widely available option? Since you're using PEAR style syntax, I suppose the PEAR HTTP library isn't too far a stretch, right? Perhaps too much overhead though.

Best, Jacob

Just started using SolrPhpClient, and agree with Jacob that using Curl would be better.

In addition to finer control over timeouts (can set connection as well as normal timeouts) it's more flexible, and seems about as fast as file_get_contents. A little more memory is used, but I doubt that's much of an issue.

Curl also has the advantage of keeping the connection open if doing multiple requests, which is bound to be faster than opening it each time.

Cameron.