[jira] [Comment Edited] (SOLR-7207) Securing operations in Solr

Mon, 09 Mar 2015 09:13:04 -0700 

    [ 
https://issues.apache.org/jira/browse/SOLR-7207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14353152#comment-14353152
 ] 

Noble Paul edited comment on SOLR-7207 at 3/9/15 4:12 PM:
----------------------------------------------------------

Using an API key means 2 things
* You should keep the key secret. In Solr we keep everything publicly viewable
* We will have to force users to use HTTPS ?

Correct me if I am wrong
PKI is not really heavyweight. If you can secure your private key and sign your 
request everything else will be simple. We can keep the public keys truly 
viewable for everyone and the communication can continue to be over simple HTTP


was (Author: noble.paul):
Using an API key means 2 things
* You should keep the key secret. In Solr we keep everything publicly viewable
* We will have to force users to use HTTPS ?

Correct me if I am wrong
PKI is not really heavyweight. If you can secure your private key and sign your 
request everything else will be simple. 

> Securing operations in Solr
> ---------------------------
>
>                 Key: SOLR-7207
>                 URL: https://issues.apache.org/jira/browse/SOLR-7207
>             Project: Solr
>          Issue Type: New Feature
>            Reporter: Noble Paul
>
> Historically, Solr has always stayed away from securing any operations and we 
> even allow GET operation on an HTTP end point to manipulate almost anything 
> inside a Solr cluster
> We can categorize the operations such as
> * Loading executable (runtime jars) SOLR-7126
> * conf files SOLR-6736
> * schema API
> * config API
> * collections API
> * /update/* operation to any collection
> SOLR-7126 has solved this problem using PKI where the public keys can be 
> uploaded to {{/keys/exe}} and all jars loaded are verified using one of the 
> public keys. 
> A similar scheme can be used for other operations as well. We can add keys to 
> other  directories and use them to verify other operations. The only catch is 
> , that we will need to send all the payload via POST
> The advantage of this scheme is that Solr does not need to manage any 
> credentials or take care of storing anything secretly. It just needs a few 
> public keys to be stored in ZK and security will kick in automatically. 
> External solutions can build on top of these and provide authentication etc



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to