[
https://issues.apache.org/jira/browse/SOLR-8792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15260688#comment-15260688
]
Ishan Chattopadhyaya commented on SOLR-8792:
--------------------------------------------
Can someone please review and commit this? Without this fix, ACL support is
broken from user perspective. I think this should also be backported to 5x, and
possibly be included in 5.5.1.
Here's a video demonstration of the fix and the steps above (which should be
documented in the ref guide): https://www.youtube.com/watch?v=Sl9R_cVI27o
> ZooKeeper ACL not restricting access to zkcli
> ---------------------------------------------
>
> Key: SOLR-8792
> URL: https://issues.apache.org/jira/browse/SOLR-8792
> Project: Solr
> Issue Type: Bug
> Components: Authentication, documentation
> Affects Versions: 5.0
> Reporter: Esther Quansah
> Labels: acl, authentication, security, zkcli, zkcli.sh, zookeeper
> Attachments: SOLR-8792.patch
>
>
> The documentation presented here:
> https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control
> details the process of securing Solr content in ZooKeeper using ACLs. In the
> example usages, it is mentioned that access to zkcli can be restricted by
> adding credentials to the zkcli.sh script in addition to adding the
> appropriate classnames to solr.xml. With the scripts in zkcli.sh, another
> machine should not be able to read or write from the host ZK without the
> necessary credentials. At this time, machines are able to read/write from the
> host ZK with or without these credentials.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
