Per: Probably want to re-post this on the lucene-dev list, this one is pretty dead....
FWIW, Erick On Wed, Mar 13, 2013 at 7:36 AM, Per Steffensen <[email protected]> wrote: > Hi > > In my organization we want to protect everything accessible from outside > our "secure zone". We have two ports open in our firewall > * 1) A port for HTTP communication with Solr > * 2) A port for communication with ZooKeeper (in order to be able to run > CloudSolrServer-clients outside the SZ) > > We have dealt with 1) and provided our solution as a patch to SOLR-4470. > Now 2) is up. In order to protect ZooKeeper we need to add ACLs to znodes > and make sure ZK-clients provide credentials when accessing ZooKeeper. This > will require a few changes in Solr - have ZK-clients provide credentials > when operating against ZK, and maybe to have Solr add ACLs to the znodes it > creates. My question is if such a solution is worth the effort of a Solr > JIRA, in order to shape the solution in collaboration with the community > and to have a place to provide a patch/solution, or if a solution to this > issue is not interesting for the community (e.g. because there is a > strategy that people also have to somehow deal with this issue outside the > context Solr (code))? > > Regards, Per Steffensen > > ------------------------------**------------------------------**--------- > To unsubscribe, e-mail: > [email protected].**org<[email protected]> > For additional commands, e-mail: [email protected] > >
