[
https://issues.apache.org/jira/browse/SOLR-7889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jan Høydahl updated SOLR-7889:
--
Description:
ZooKeeper security is documented at
https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control but
is not trivial to setup, see http://search-lucene.com/m/eHNlqr6EnMrP6O
As we enable more and more security stuff, securing ZK should be easier to do
and ideally the default. This is an umbrella for such improvements.
When all of this is in place and working, perhaps even Solr should refuse to
start if Auth/Autz plugins are in use and ZK communication is not properly
protected, e.g. require {{bin/solr start --insecure}} to override.
was:
ZooKeeper security is documented at
https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control but
is not trivial to setup, see http://search-lucene.com/m/eHNlqr6EnMrP6O
As we enable more and more security stuff, securing ZK should be easier to do
and ideally the default.
The {{DefaultZkACLProvider}} should by default require admin access for all
operations including read of {{/security.json}}, and other sensitive paths.
Today this is left to the user to implement.
Move manual env-var instructions from documentation into start scripts, with
defaults for read-only and admin user passwords.
Perhaps even Solr should refuse to start if ZK communication is not ACL
protected, encrypted and if default admin passwd is not changed. Overrideable
with a new option {{bin/solr start --insecure}}
Let this JIRA be an umbrella for several child tasks.
Secure ZooKeeper should be easy and the default
---
Key: SOLR-7889
URL: https://issues.apache.org/jira/browse/SOLR-7889
Project: Solr
Issue Type: Improvement
Components: security
Reporter: Jan Høydahl
Priority: Critical
Labels: security, zookeeper
ZooKeeper security is documented at
https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control but
is not trivial to setup, see http://search-lucene.com/m/eHNlqr6EnMrP6O
As we enable more and more security stuff, securing ZK should be easier to do
and ideally the default. This is an umbrella for such improvements.
When all of this is in place and working, perhaps even Solr should refuse to
start if Auth/Autz plugins are in use and ZK communication is not properly
protected, e.g. require {{bin/solr start --insecure}} to override.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org