[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16534584#comment-16534584 ] Mano Kovacs commented on SOLR-10783: [~jafurrer], it seems like it. The reason it is printed out is because SolrCLI also initializes SSL to talk to Solr instances and it has no log4j config. So basically that is not Solr printing it out, but SolrCLI. Sorry for missing that, I'll prepare a fix. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Fix For: 7.4, master (8.0) > > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16531153#comment-16531153 ] Jakob Furrer commented on SOLR-10783: - When starting a plain vanilla solr-7.4.0 out-of-the-box on Windows using "solr.cmd" I get the following output: {code:java} c:\solr-7.4.0\bin>solr.cmd start -p 8983 INFO - 2018-07-03 11:57:45.886; org.apache.solr.util.configuration.SSLCredentialProviderFactory; Processing SSL Credential Provider chain: env;sysprop Waiting up to 30 to see Solr running on port 8983 Started Solr server on port 8983. Happy searching! c:\solr-7.4.0\bin>{code} This INFO message cannot be suppressed even though I set all log levels to ERROR in log4j2.xml. Is this a side effect of the patch [^SOLR-10783.patch] ? > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Fix For: 7.4, master (8.0) > > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16517068#comment-16517068 ] Cassandra Targett commented on SOLR-10783: -- bq. will be working on that this week OK, as I previously mentioned to the mailing list, I will be creating the Ref Guide release candidate today, so this will miss the 7.4 version of the Guide. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Fix For: 7.4, master (8.0) > > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16516857#comment-16516857 ] Mano Kovacs commented on SOLR-10783: [~ctargett], you are right, this should have docs in the Ref Guide. Filed SOLR-12497, will be working on that this week. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Fix For: 7.4, master (8.0) > > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16508126#comment-16508126 ] Cassandra Targett commented on SOLR-10783: -- [~manokovacs], [~markrmil...@gmail.com], Doesn't this new functionality need a new Ref Guide page describing how to configure it? I don't see any commits updating the docs for 7.4 for this. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Fix For: 7.4, master (8.0) > > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16432757#comment-16432757 ] ASF subversion and git services commented on SOLR-10783: Commit 750c7a98267941166bdca02a0b182476ed6ec2a5 in lucene-solr's branch refs/heads/branch_7x from [~mark.mil...@oblivion.ch] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=750c7a9 ] SOLR-10783: Add support for Hadoop Credential Provider as SSL/TLS store password source. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16431643#comment-16431643 ] ASF subversion and git services commented on SOLR-10783: Commit 5e2a5a5b8c9ce2fe63cf2cd7eeb434e1a4969f22 in lucene-solr's branch refs/heads/master from [~mark.mil...@oblivion.ch] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=5e2a5a5 ] SOLR-10783: Add support for Hadoop Credential Provider as SSL/TLS store password source. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16430727#comment-16430727 ] Mark Miller commented on SOLR-10783: Thanks Mano. I'll look at this again today. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16417179#comment-16417179 ] Mano Kovacs commented on SOLR-10783: [~markrmil...@gmail.com], thanks for the testing and review. I uploaded a new patch with the precommit hook running. Also, thanks for catching that, I did forget to remove from the background version. Fixed that too. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16416015#comment-16416015 ] Mark Miller commented on SOLR-10783: Also, are all of the SOLR_JETTY_CONFIG refs in solr.cmd treated the same way? It looks to me like quotes are only removed around a subset of occurrences? I may be missing something - on my last pull that file was also conflicted, but not around the spots I'm concerned with. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16411884#comment-16411884 ] Mark Miller commented on SOLR-10783: Tests look good [~manokovacs], but precommit seems to be giving: {noformat} validate-source-patterns: [source-patterns] File uses Mockito but has no assumeWorkingMockito() call: solr/core/src/test/org/apache/solr/util/configuration/SSLConfigurationsTest.java [source-patterns] File uses Mockito but has no assumeWorkingMockito() call: solr/core/src/test/org/apache/solr/util/configuration/providers/HadoopSSLCredentialProviderTest.java BUILD FAILED /data1/ssd/lucene-solr-workspace/lucene-solr-1/build.xml:128: Found 2 violations in source files (File uses Mockito but has no assumeWorkingMockito() call). {noformat} > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16411732#comment-16411732 ] Mark Miller commented on SOLR-10783: Your latest patch seems to test out fine. I'll commit this soon. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16406524#comment-16406524 ] Mano Kovacs commented on SOLR-10783: [~markrmil...@gmail.com], how can we proceed with this jira? > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Affects Versions: 7.0 >Reporter: Mano Kovacs >Assignee: Mark Miller >Priority: Major > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16316996#comment-16316996 ] ASF subversion and git services commented on SOLR-10783: Commit 8e30b2a8acbb26543b307ff0838be680bb9cc5eb in lucene-solr's branch refs/heads/branch_7x from [~cpoerschke] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=8e30b2a ] Revert "SOLR-10783: add (partial) package-info.java to fix precommit" This reverts commit a63c5675bbbd45604025b72149250cee8bb8a254. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16316961#comment-16316961 ] ASF subversion and git services commented on SOLR-10783: Commit 144616b42469c2d815a657b3c05cbff99ce20387 in lucene-solr's branch refs/heads/master from [~cpoerschke] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=144616b ] Revert "SOLR-10783: add (partial) package-info.java to fix precommit" This reverts commit a864c6289a8132988fc51cc711db79238ed2ce04. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16171760#comment-16171760 ] Mano Kovacs commented on SOLR-10783: Failing tests: {noformat} [junit4] Tests with failures [seed: 4CBAA3E7D8BB42C]: [junit4] - org.apache.solr.update.TestInPlaceUpdatesDistrib.test [junit4] - org.apache.solr.core.TestDynamicLoading.testDynamicLoading [junit4] - org.apache.solr.cloud.FullSolrCloudDistribCmdsTest.test [junit4] - org.apache.solr.cloud.CdcrBootstrapTest.testBootstrapWithSourceCluster [junit4] - org.apache.solr.cloud.CdcrBootstrapTest.testConvertClusterToCdcrAndBootstrap [junit4] - org.apache.solr.cloud.ReplaceNodeTest.test [junit4] - org.apache.solr.cloud.TestLeaderElectionWithEmptyReplica.test {noformat} > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16171657#comment-16171657 ] Mano Kovacs commented on SOLR-10783: | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 00s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 00s{color} | {color:green} The patch appears to include 5 new or modified test files. {color} | || || || || {color:brown} master Compile Tests {color} || || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} Check examples refer correct lucene version {color} | {color:green} 0m 05s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} Release audit (RAT) {color} | {color:green} 0m 05s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} Check forbidden APIs {color} | {color:green} 0m 05s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} Check licenses {color} | {color:green} 0m 05s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:red}-1{color} | {color:red} unit {color} | {color:red} 62m 07s{color} | {color:red} core in the patch failed. {color} | | {color:black}{color} | {color:black} {color} | {color:black} 65m 25s{color} | {color:black} {color} | \\ \\ || Subsystem || Report/Notes || | JIRA Issue | SOLR-10783 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12885968/SOLR-10783.patch | | Optional Tests | javac unit | | uname | Darwin manomac.local 16.7.0 Darwin Kernel Version 16.7.0: Thu Jun 15 17:36:27 PDT 2017; root:xnu-3789.70.16~2/RELEASE_X86_64 x86_64 | | Build tool | ant | | Personality | /Users/manokovacs/repos/solr-yetus/dev-tools/test-patch/solr-yetus-personality.sh | | git revision | master / bc95209774 | | Default Java | 1.8.0_101 | | unit | artifact/patchprocess/patch-unit-solr_core.txt | | modules | C: solr solr/core solr/server U: solr | | Powered by | Apache Yetus 0.6.0-SNAPSHOT http://yetus.apache.org | This message was automatically generated. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16162038#comment-16162038 ] Mano Kovacs commented on SOLR-10783: | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 00s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 00s{color} | {color:green} The patch appears to include 5 new or modified test files. {color} | || || || || {color:brown} master Compile Tests {color} || || || || || {color:brown} Patch Compile Tests {color} || | {color:green}+1{color} | {color:green} Check examples refer correct lucene version {color} | {color:green} 0m 06s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} Release audit (RAT) {color} | {color:green} 0m 06s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} Check forbidden APIs {color} | {color:green} 0m 06s{color} | {color:green} the patch passed {color} | | {color:green}+1{color} | {color:green} Check licenses {color} | {color:green} 0m 06s{color} | {color:green} the patch passed {color} | || || || || {color:brown} Other Tests {color} || | {color:red}-1{color} | {color:red} unit {color} | {color:red} 39m 25s{color} | {color:red} solr in the patch failed. {color} | | {color:black}{color} | {color:black} {color} | {color:black} 43m 29s{color} | {color:black} {color} | \\ \\ || Reason || Tests || | Failed junit tests | solr.cloud.CdcrVersionReplicationTest | | | solr.cloud.DistribCursorPagingTest | | | solr.cloud.hdfs.StressHdfsTest | | | solr.cloud.HealthCheckHandlerTest | | | solr.cloud.MultiThreadedOCPTest | | | solr.cloud.RollingRestartTest | | | solr.cloud.ShardSplitTest | | | solr.cloud.TestCollectionAPI | | | solr.cloud.TestLeaderElectionWithEmptyReplica | | | solr.cloud.TestSegmentSorting | | | solr.cloud.TestShortCircuitedRequests | | | solr.cloud.TestTlogReplica | | | solr.schema.TestCloudSchemaless | | | solr.search.stats.TestDistribIDF | | | solr.update.processor.TestNamedUpdateProcessors | \\ \\ || Subsystem || Report/Notes || | JIRA Issue | SOLR-10783 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12885968/SOLR-10783.patch | | Optional Tests | javac unit | | uname | Darwin MunawAir.local 15.6.0 Darwin Kernel Version 15.6.0: Fri Feb 17 10:21:18 PST 2017; root:xnu-3248.60.11.4.1~1/RELEASE_X86_64 x86_64 | | Build tool | ant | | Personality | /Users/munaw/repos/lucene-solr/dev-tools/test-patch/solr-yetus-personality.sh | | git revision | master / 708ed8f | | Default Java | 1.8.0_45 | | unit | artifact/patchprocess/patch-unit-._solr.txt | | modules | C: solr solr/core solr/server U: solr | | Powered by | Apache Yetus 0.6.0-SNAPSHOT http://yetus.apache.org | This message was automatically generated. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157999#comment-16157999 ] Mano Kovacs commented on SOLR-10783: | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || || || || || {color:brown} Prechecks {color} || | {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m 00s{color} | {color:green} The patch does not contain any @author tags. {color} | | {color:green}+1{color} | {color:green} test4tests {color} | {color:green} 0m 00s{color} | {color:green} The patch appears to include 5 new or modified test files. {color} | || || || || {color:brown} master Compile Tests {color} || || || || || {color:brown} Patch Compile Tests {color} || || || || || {color:brown} Other Tests {color} || | {color:green}+1{color} | {color:green} unit {color} | {color:green} 60m 54s{color} | {color:green} solr in the patch passed. {color} | | {color:red}-1{color} | {color:red} asflicense {color} | {color:red} 0m 08s{color} | {color:red} solr in the patch failed. {color} | | {color:black}{color} | {color:black} {color} | {color:black} 61m 32s{color} | {color:black} {color} | \\ \\ || Subsystem || Report/Notes || | JIRA Issue | SOLR-10783 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12885968/SOLR-10783.patch | | Optional Tests | asflicense javac unit | | uname | Darwin MunawAir.local 15.6.0 Darwin Kernel Version 15.6.0: Fri Feb 17 10:21:18 PST 2017; root:xnu-3248.60.11.4.1~1/RELEASE_X86_64 x86_64 | | Build tool | ant | | Personality | /Users/munaw/repos/lucene-solr/dev-tools/test-patch/solr-yetus-personality.sh | | git revision | master / ce29124 | | Default Java | 1.8.0_45 | | asflicense | artifact/patchprocess/patch-asflicense-._solr.txt | | modules | C: solr solr/core solr/server U: solr | | Powered by | Apache Yetus 0.6.0-SNAPSHOT http://yetus.apache.org | This message was automatically generated. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157712#comment-16157712 ] ASF subversion and git services commented on SOLR-10783: Commit ce291247218d733dff12e19110dd9c8bef9d759f in lucene-solr's branch refs/heads/master from [~mark.mil...@oblivion.ch] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=ce29124 ] SOLR-10783: Revert for now - having run the tests a few times today, one of them may be concerning (reverted from commit b4d280f369023a179e98154535ed4b06ea096f5f) > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157713#comment-16157713 ] ASF subversion and git services commented on SOLR-10783: Commit 31a56ab8ef88790465910c546769b7f113e5c11c in lucene-solr's branch refs/heads/branch_7x from [~mark.mil...@oblivion.ch] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=31a56ab ] SOLR-10783: Revert for now - having run the tests a few times today, one of them may be concerning (reverted from commit b4d280f369023a179e98154535ed4b06ea096f5f) > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157526#comment-16157526 ] ASF subversion and git services commented on SOLR-10783: Commit b8ba331aab9400e1272442f711754ad98a9c38f4 in lucene-solr's branch refs/heads/branch_7x from [~mark.mil...@oblivion.ch] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=b8ba331 ] SOLR-10783: Fix constructor. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157525#comment-16157525 ] ASF subversion and git services commented on SOLR-10783: Commit 938820861334c6ad1de5efc520d78ac3fec71981 in lucene-solr's branch refs/heads/master from [~mark.mil...@oblivion.ch] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=9388208 ] SOLR-10783: Fix constructor. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157451#comment-16157451 ] Joel Bernstein commented on SOLR-10783: --- I'm getting the following error when start solr now. It may be related to this ticket. NFO - 2017-09-07 14:57:41.803; org.apache.solr.util.configuration.SSLCredentialProviderFactory; Processing SSL Credential Provider chain: env;sysprop Exception in thread "main" java.lang.NullPointerException at org.apache.solr.util.configuration.providers.EnvSSLCredentialProvider.getCredential(EnvSSLCredentialProvider.java:57) at org.apache.solr.util.configuration.providers.AbstractSSLCredentialProvider.getCredential(AbstractSSLCredentialProvider.java:53) at org.apache.solr.util.configuration.SSLConfigurations.getPassword(SSLConfigurations.java:123) at org.apache.solr.util.configuration.SSLConfigurations.getClientKeyStorePassword(SSLConfigurations.java:109) at org.apache.solr.util.configuration.SSLConfigurations.init(SSLConfigurations.java:62) at org.apache.solr.util.SolrCLI.main(SolrCLI.java:273) > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157317#comment-16157317 ] Mano Kovacs commented on SOLR-10783: [~hossman], I agree, its a small change in size but affects the {{jetty-ssl.xml}}, therefore most of the tests. Would it make sense to roll back from 7x and have the fix on master? > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157308#comment-16157308 ] Hoss Man commented on SOLR-10783: - (NOTE: nothing personal to you, or this change in particular, i just feel like we -- as a project -- have gotten in the habit of backporting to quickly w/o letting changes soak. This change just happens to be a topical example) > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157303#comment-16157303 ] Hoss Man commented on SOLR-10783: - matter of perspective i guess ... i think any change (even if it was only 1 line of code) that can cause ~100 tests to NPE is "big enough" (in terms of affected code paths) to deserve to soak on master for a bit. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157221#comment-16157221 ] Mark Miller commented on SOLR-10783: No rush really, small directory snafu on test run. Don't think it's very big change really. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157217#comment-16157217 ] Hoss Man commented on SOLR-10783: - [~markrmil...@gmail.com] -- this seems like a big enough change, causing a lot of problems, that it should be rolled back until it gets better testing (and once it does, it should probably be alowed to soak on master for at least a day before backporting into 7x ... what's the rush?) > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783-fix.patch, SOLR-10783.patch, > SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157008#comment-16157008 ] Mano Kovacs commented on SOLR-10783: Sorry, fixing. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16157003#comment-16157003 ] Steve Rowe commented on SOLR-10783: --- Jenkins is getting NPE's in a bunch of tests, e.g. from [https://jenkins.thetaphi.de/job/Lucene-Solr-master-Linux/20430/]: {noformat} Checking out Revision 5324c7436c8ba578fa38d8e7fc8219abac154558 (refs/remotes/origin/master) [...] [junit4] 2> NOTE: reproduce with: ant test -Dtestcase=TestSolrCloudWithHadoopAuthPlugin -Dtests.seed=76478651A88BAF52 -Dtests.multiplier=3 -Dtests.slow=true -Dtests.locale=sr-Latn-RS -Dtests.timezone=Australia/Eucla -Dtests.asserts=true -Dtests.file.encoding=ISO-8859-1 [junit4] ERROR 0.00s J1 | TestSolrCloudWithHadoopAuthPlugin (suite) <<< [junit4]> Throwable #1: java.lang.Exception: Error starting up MiniSolrCloudCluster [junit4]>at __randomizedtesting.SeedInfo.seed([76478651A88BAF52]:0) [junit4]>at org.apache.solr.cloud.MiniSolrCloudCluster.checkForExceptions(MiniSolrCloudCluster.java:507) [junit4]>at org.apache.solr.cloud.MiniSolrCloudCluster.(MiniSolrCloudCluster.java:251) [junit4]>at org.apache.solr.cloud.SolrCloudTestCase$Builder.configure(SolrCloudTestCase.java:190) [junit4]>at org.apache.solr.security.hadoop.TestSolrCloudWithHadoopAuthPlugin.setupClass(TestSolrCloudWithHadoopAuthPlugin.java:52) [junit4]>at java.lang.Thread.run(Thread.java:748) [junit4]>Suppressed: java.lang.RuntimeException: java.lang.NullPointerException [junit4]>at org.eclipse.jetty.servlet.ServletHandler.updateMappings(ServletHandler.java:1600) [junit4]>at org.eclipse.jetty.servlet.ServletHandler.setFilterMappings(ServletHandler.java:1659) [junit4]>at org.eclipse.jetty.servlet.ServletHandler.addFilterMapping(ServletHandler.java:1316) [junit4]>at org.eclipse.jetty.servlet.ServletHandler.addFilterWithMapping(ServletHandler.java:1145) [junit4]>at org.eclipse.jetty.servlet.ServletContextHandler.addFilter(ServletContextHandler.java:448) [junit4]>at org.apache.solr.client.solrj.embedded.JettySolrRunner$1.lifeCycleStarted(JettySolrRunner.java:306) [junit4]>at org.eclipse.jetty.util.component.AbstractLifeCycle.setStarted(AbstractLifeCycle.java:179) [junit4]>at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:69) [junit4]>at org.apache.solr.client.solrj.embedded.JettySolrRunner.start(JettySolrRunner.java:394) [junit4]>at org.apache.solr.client.solrj.embedded.JettySolrRunner.start(JettySolrRunner.java:367) [junit4]>at org.apache.solr.cloud.MiniSolrCloudCluster.startJettySolrRunner(MiniSolrCloudCluster.java:384) [junit4]>at org.apache.solr.cloud.MiniSolrCloudCluster.lambda$new$0(MiniSolrCloudCluster.java:247) [junit4]>at java.util.concurrent.FutureTask.run(FutureTask.java:266) [junit4]>at org.apache.solr.common.util.ExecutorUtil$MDCAwareThreadPoolExecutor.lambda$execute$0(ExecutorUtil.java:188) [junit4]>at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [junit4]>at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [junit4]>... 1 more [junit4]>Caused by: java.lang.NullPointerException [junit4]>at org.apache.solr.util.configuration.providers.EnvSSLCredentialProvider.getCredential(EnvSSLCredentialProvider.java:57) [junit4]>at org.apache.solr.util.configuration.providers.AbstractSSLCredentialProvider.getCredential(AbstractSSLCredentialProvider.java:53) [junit4]>at org.apache.solr.util.configuration.SSLConfigurations.getPassword(SSLConfigurations.java:123) [junit4]>at org.apache.solr.util.configuration.SSLConfigurations.getClientKeyStorePassword(SSLConfigurations.java:109) [junit4]>at org.apache.solr.util.configuration.SSLConfigurations.init(SSLConfigurations.java:62) [junit4]>at org.apache.solr.servlet.SolrDispatchFilter.init(SolrDispatchFilter.java:148) [junit4]>at org.eclipse.jetty.servlet.FilterHolder.initialize(FilterHolder.java:139) [junit4]>at org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:873) [junit4]>at org.eclipse.jetty.servlet.ServletHandler.updateMappings(ServletHandler.java:1596) {noformat} > Using Hadoop Credential Provider as SSL/TLS store password source >
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16156830#comment-16156830 ] ASF subversion and git services commented on SOLR-10783: Commit a63c5675bbbd45604025b72149250cee8bb8a254 in lucene-solr's branch refs/heads/branch_7x from [~cpoerschke] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=a63c567 ] SOLR-10783: add (partial) package-info.java to fix precommit > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16156828#comment-16156828 ] ASF subversion and git services commented on SOLR-10783: Commit a864c6289a8132988fc51cc711db79238ed2ce04 in lucene-solr's branch refs/heads/master from [~cpoerschke] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=a864c62 ] SOLR-10783: add (partial) package-info.java to fix precommit > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16156393#comment-16156393 ] ASF subversion and git services commented on SOLR-10783: Commit 1ee488e194fb825081a16146507dfaccce5e7f67 in lucene-solr's branch refs/heads/branch_7x from [~mark.mil...@oblivion.ch] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=1ee488e ] SOLR-10783 Add support for Hadoop Credential Provider as SSL/TLS store password source. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16156394#comment-16156394 ] ASF subversion and git services commented on SOLR-10783: Commit b4d280f369023a179e98154535ed4b06ea096f5f in lucene-solr's branch refs/heads/master from [~mark.mil...@oblivion.ch] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=b4d280f ] SOLR-10783 Add support for Hadoop Credential Provider as SSL/TLS store password source. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16145730#comment-16145730 ] Mark Miller commented on SOLR-10783: I'll try and get this soon > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch, SOLR-10783.patch, SOLR-10783.patch, > SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16076542#comment-16076542 ] Mano Kovacs commented on SOLR-10783: bq. I think we'd like the ability to use a credential provider in Alfresco/Solr, but we don't use Hadoop. I think you don't need to use Hadoop to use the credential provider API. bq. Is there a way to rework this so that we have a HadoopSSLConfiguration subclass that is used rather than special casing SSLConfigurations for different providers? Sure, I will refactor the patch. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16066585#comment-16066585 ] Mark Miller commented on SOLR-10783: I think we may want to use a new JIRA issue if we want to make this plugable, but it kind of does seem like we should make this more object oriented in design to start. Is there a way to rework this so that we have a HadoopSSLConfiguration subclass that is used rather than special casing SSLConfigurations for different providers? > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16061239#comment-16061239 ] Joel Bernstein commented on SOLR-10783: --- I think we'd like the ability to use a credential provider in Alfresco/Solr, but we don't use Hadoop. Is there a way that we can make this a generic plugin? > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch, SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16061184#comment-16061184 ] Mano Kovacs commented on SOLR-10783: | (x) *{color:red}-1 overall{color}* | \\ \\ || Vote || Subsystem || Runtime || Comment || | {color:red}-1{color} | {color:red} patch {color} | {color:red} 0m 05s{color} | {color:red} SOLR-10783 does not apply to master. Rebase required? Wrong Branch? See https://yetus.apache.org/documentation/0.4.0/precommit-patchnames for help. {color} | \\ \\ || Subsystem || Report/Notes || | JIRA Issue | SOLR-10783 | | JIRA Patch URL | https://issues.apache.org/jira/secure/attachment/12871693/SOLR-10783.patch | | Powered by | Apache Yetus 0.4.0 http://yetus.apache.org | This message was automatically generated. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16050575#comment-16050575 ] Mano Kovacs commented on SOLR-10783: bq. Why remove the quotes on this variable? Will that have other side affects? {{SOLR_JETTY_CONFIG}} is solely used to pass {{--module=http(s)}} to {{start.jar}}. It is defined in the scripts so it was not usable from the outside. It is working both {{start.jar "--module=http"}} and {{start.jar --module=http}}, so it was not an issue before, but I added quoted jetty config so I removed the quotes to prevent double quotes. > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-10783) Using Hadoop Credential Provider as SSL/TLS store password source
[ https://issues.apache.org/jira/browse/SOLR-10783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16050545#comment-16050545 ] Mark Miller commented on SOLR-10783: {noformat} --Djava.io.tmpdir="%SOLR_SERVER_DIR%\tmp" -jar start.jar "%SOLR_JETTY_CONFIG%" +-Djava.io.tmpdir="%SOLR_SERVER_DIR%\tmp" -jar start.jar %SOLR_JETTY_CONFIG% {noformat} Why remove the quotes on this variable? Will that have other side affects? > Using Hadoop Credential Provider as SSL/TLS store password source > - > > Key: SOLR-10783 > URL: https://issues.apache.org/jira/browse/SOLR-10783 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: security >Reporter: Mano Kovacs >Assignee: Mark Miller > Attachments: SOLR-10783.patch > > > As a second iteration of SOLR-10307, I propose support of hadoop credential > providers as source of SSL store passwords. > Motivation: When SOLR is used in hadoop environment, support of HCP gives > better integration and unified method to pass sensitive credentials to SOLR. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org