janhoy commented on a change in pull request #635: SOLR-13371 improve security chapters in refguide URL: https://github.com/apache/lucene-solr/pull/635#discussion_r272463598
########## File path: solr/solr-ref-guide/src/securing-solr.adoc ########## @@ -19,16 +19,52 @@ When planning how to secure Solr, you should consider which of the available features or approaches are right for you. -* Authentication or authorization of users using: -** <<kerberos-authentication-plugin.adoc#kerberos-authentication-plugin,Kerberos Authentication Plugin>> -** <<basic-authentication-plugin.adoc#basic-authentication-plugin,Basic Authentication Plugin>> -** <<rule-based-authorization-plugin.adoc#rule-based-authorization-plugin,Rule-Based Authorization Plugin>> -** <<authentication-and-authorization-plugins.adoc#authentication-and-authorization-plugins,Custom authentication or authorization plugin>> -* <<enabling-ssl.adoc#enabling-ssl,Enabling SSL>> -* If using SolrCloud, <<zookeeper-access-control.adoc#zookeeper-access-control,ZooKeeper Access Control>> -* <<audit-logging.adoc#audit-logging,Audit logging>> for recording an audit trail - [WARNING] ==== No Solr API, including the Admin UI, is designed to be exposed to non-trusted parties. Tune your firewall so that only trusted computers and people are allowed access. Because of this, the project will not regard e.g., Admin UI XSS issues as security vulnerabilities. However, we still ask you to report such issues in JIRA. ==== + +=== Encryption with TLS (SSL) certificates Review comment: Here I skip level-2 headers since that means page-break in the PDF. We get a compile-warning but it was the only way I could get the more detailed securing-solr page to stick together. @ctargett any other tricks we could use instead? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
