[
https://issues.apache.org/jira/browse/SOLR-7889?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18041485#comment-18041485
]
Eric Pugh commented on SOLR-7889:
---------------------------------
does this become easier if you use embedded ZK in solr? I/e, use our embbedded
ZK and get security for free?
> Secure ZooKeeper should be easy and the default
> -----------------------------------------------
>
> Key: SOLR-7889
> URL: https://issues.apache.org/jira/browse/SOLR-7889
> Project: Solr
> Issue Type: Improvement
> Components: security
> Reporter: Jan Høydahl
> Priority: Critical
> Labels: security, zookeeper
>
> ZooKeeper security is documented at
> https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control but
> is not trivial to setup, see http://search-lucene.com/m/eHNlqr6EnMrP6O
> As we enable more and more security stuff, securing ZK should be easier to do
> and ideally the default. This is an umbrella for such improvements.
> When all of this is in place and working, perhaps even Solr should refuse to
> start if Auth/Autz plugins are in use and ZK communication is not properly
> protected, e.g. require {{bin/solr start --insecure}} to override.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
