[
https://issues.apache.org/jira/browse/SOLR-10646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16003222#comment-16003222
]
Jan Høydahl commented on SOLR-10646:
------------------------------------
OK. Seems to me like auth opts are not passed on start in solr.cmd, does that
mean Kerberos won't work on Windows?
I'll close this issue as won't fix then. As long as we use basicAuth.conf we
should be safe anyway.
> bin/solr should not pass security credentials for start command
> ---------------------------------------------------------------
>
> Key: SOLR-10646
> URL: https://issues.apache.org/jira/browse/SOLR-10646
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: scripts and tools
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Fix For: 6.6, master (7.0)
>
> Attachments: SOLR-10646.patch
>
>
> Spinoff from SOLR-8440
> It is unnecessary to pass auth parameters as Java options on the cmdline for
> {{bin/solr start}}, as Solr does not need these to start, and it potentially
> exposes passwords in plain text in the UI.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
