Jan Høydahl created SOLR-14216:
----------------------------------
Summary: Exclude HealthCheck from authentication
Key: SOLR-14216
URL: https://issues.apache.org/jira/browse/SOLR-14216
Project: Solr
Issue Type: Improvement
Security Level: Public (Default Security Level. Issues are Public)
Components: Authentication
Reporter: Jan Høydahl
The {{HealthCheckHandler}} on {{/api/node/health}} and
{{/solr/admin/info/health}} should by default not be subject to authentication,
but be open for all. This allows for load balancers and various monitoring to
probe Solr's health without having to support the auth scheme in place. I can't
see any reason we need auth on the health endpoint.
It is possible to achieve the same by setting blockUnknown=false and
configuring three RBAC permissions: One for v1 endpoint, one for v2 endpoint
and one "all" catch all at the end of the chain. But this is cumbersome so
better have this ootb.
An alternative solution is to create a separate HttpServer for health check,
listening on a different port, just like embedded ZK and JMX.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
