[
https://issues.apache.org/jira/browse/SOLR-7896?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14709254#comment-14709254
]
Konstantin Gribov commented on SOLR-7896:
-----------------------------------------
My point on enabling/disabling SSL by default is that Solr is often behind
firewall and _near_ to back-end which use it, they are both in some kind of
private network, so TLS will be cpu, network and management overhead for such
cases. I believe that it's primary use case and exposed Solr installations are
rare.
Also, requiring admin UI auth seems to be a good idea only at first glance.
Under the cover it will require non-trivial role model to separate user actions
and admin actions on all available handlers (like discussed in SOLR-7838) which
heavy depends on configured handlers and use case: sometimes {{update}} is
normal action for user and {{delete by id}} is not, sometimes {{delete by id}}
should be allowed, but {{delete by query}} shouldn't etc.
Another potential issue with self-made security framework is creating high
quality security modules. If some of them may be created and distributed with
Solr, so pass some QA by Solr committers, third party modules can have lesser
quality and affect overall Solr experience. Buggy or just slow third party
security filter will lead to bad user experience. Credentials and authN/authZ
rules caching and synchronization are other hard-to-implement-correctly part,
especially in distributed environment.
Since role to user mapping is non-trivial and authN/authZ is hard to configure,
security setup as standard Solr installation step would be frightening for many
users. I think, it should be optional for users, who want or have to use such
security model.
> Solr Administrative Interface Lacks Password Protection
> -------------------------------------------------------
>
> Key: SOLR-7896
> URL: https://issues.apache.org/jira/browse/SOLR-7896
> Project: Solr
> Issue Type: Bug
> Components: security, web gui
> Affects Versions: 5.2.1
> Reporter: Aaron Greenspan
> Priority: Critical
>
> Out of the box, the Solr interface should require an administrative password
> that the user is required to set. Apparently there are ways of configuring
> Jetty to do this with HTTP AUTH or whatever. I'm a moderately experienced
> Linux admin and a programmer; I've tried, numerous times, and I've not once
> been able to get it to work. The point is this, though:
> *No one should have to try to get their Solr instance to support password
> authentication and preferably SSL (even if it's just with a self-signed
> certificate). Solr is designed to store huge amounts of data and is therefore
> a likely target for malicious users.*
> This needs to be addressed! It's 2015 and Solr is on version 5!
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
