Thank you Jan, your solution is also super easy, I was not aware of that, thanks for letting me know, it solves another use case for us. Yes, we use the REST API, but since we use solr as a docker image I feel unease to commit the initial password in the image. We came out with the following solution: 1) in the security.json we have a placeholder instead of the hardcoded password 2) we replace it (sed) before starting solr with in an init script (inside solr_init.d) by reading the real password from a vault. Thanks for your feedback!
Clemente https://www.linkedin.com/in/clemente-biondo Il giorno ven 28 ago 2020 alle ore 10:43 Jan Høydahl <jan....@cominvent.com> ha scritto: > Cool, it’s even easier than my old Java tool: > https://github.com/cominvent/solr-tools < > https://github.com/cominvent/solr-tools> > > Also, I can recommend using the authenitcation REST API to add users > instead of hardcoding. The API takes care of the encoding for you! > > Jan > > > 27. aug. 2020 kl. 18:28 skrev Clemente Biondo <clemente.bio...@gmail.com > >: > > > > I was a little annoyed of the default "SolrRocks" password so I wrote a > > little utility to generate solr passwords for the Basic Authentication > > plugin and made it available online. > > The password encoder is written in simple plain javascript, there is no > > need to install or download anything, the process is entirely local and > no > > data is sent over the internet. > > The utility is published under an MIT licence and you are welcome to use > or > > improve upon it. > > Hope you like it! > > > > The source repository is here: > > https://github.com/clemente-biondo/clemente-biondo.github.io > > The online utility is here: https://clemente-biondo.github.io/ > > > > Security was my main concern, I tried to address the best I coud, again > any > > feedback is welcome and appreciated. > > > > Cheers! > > Clemente Biondo > >