[
https://issues.apache.org/jira/browse/SOLR-6736?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15881959#comment-15881959
]
Hrishikesh Gadre commented on SOLR-6736:
----------------------------------------
[~ichattopadhyaya]
bq. This seems like a sound approach in theory, but often times users don't
follow proper procedures for deployment and end up exposing their deployments
without proper authentication/authorization. This extra security is to save
such users from potential remote code execution based attacks. Our guidelines
should, anyway, be for admins to enable security before going to production.
Oh I think I misunderstood your earlier statement. So this would not affect the
setups which have security enabled.
> A collections-like request handler to manage solr configurations on zookeeper
> -----------------------------------------------------------------------------
>
> Key: SOLR-6736
> URL: https://issues.apache.org/jira/browse/SOLR-6736
> Project: Solr
> Issue Type: New Feature
> Components: SolrCloud
> Reporter: Varun Rajput
> Assignee: Ishan Chattopadhyaya
> Attachments: newzkconf.zip, SOLR-6736-newapi.patch,
> SOLR-6736-newapi.patch, SOLR-6736-newapi.patch, SOLR-6736.patch,
> SOLR-6736.patch, SOLR-6736.patch, SOLR-6736.patch, SOLR-6736.patch,
> SOLR-6736.patch, SOLR-6736.patch, SOLR-6736.patch, test_private.pem,
> test_pub.der, zkconfighandler.zip, zkconfighandler.zip
>
>
> Managing Solr configuration files on zookeeper becomes cumbersome while using
> solr in cloud mode, especially while trying out changes in the
> configurations.
> It will be great if there is a request handler that can provide an API to
> manage the configurations similar to the collections handler that would allow
> actions like uploading new configurations, linking them to a collection,
> deleting configurations, etc.
> example :
> {code}
> #use the following command to upload a new configset called mynewconf. This
> will fail if there is alredy a conf called 'mynewconf'. The file could be a
> jar , zip or a tar file which contains all the files for the this conf.
> curl -X POST -H 'Content-Type: application/octet-stream' --data-binary
> @testconf.zip
> http://localhost:8983/solr/admin/configs/mynewconf?sig=<the-signature>
> {code}
> A GET to http://localhost:8983/solr/admin/configs will give a list of configs
> available
> A GET to http://localhost:8983/solr/admin/configs/mynewconf would give the
> list of files in mynewconf
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
