Forest Soup created SOLR-8756: --------------------------------- Summary: Need config "zkDigestUsername" and "zkDigestPassword" in <solrhome>/solr.xml Key: SOLR-8756 URL: https://issues.apache.org/jira/browse/SOLR-8756 Project: Solr Issue Type: Bug Components: security, SolrCloud Affects Versions: 5.3.1 Environment: Linux 64bit Reporter: Forest Soup
Need 2 config in <solrhome>/solr.xml instead of -D parameter in solr.in.sh. like below: <solr> <solrcloud> <str name="zkDigestUsername">zkusername</str> <str name="zkDigestPassword">zkpassword</str"zkDigestUsername"> <str name="zkDigestReadonlyUsername">zkreadonlyusername</str> <str name="zkDigestReadonlyUsername">readonlypassword</str"zkDigestUsername"> ... Otherwise, any user can use the linux "ps" command showing the full command line including the plain text zookeeper username and password. If we use file store them, we can control the access of the file not to leak the username/password. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org