Forest Soup created SOLR-8756:
---------------------------------
Summary: Need config "zkDigestUsername" and "zkDigestPassword" in
<solrhome>/solr.xml
Key: SOLR-8756
URL: https://issues.apache.org/jira/browse/SOLR-8756
Project: Solr
Issue Type: Bug
Components: security, SolrCloud
Affects Versions: 5.3.1
Environment: Linux 64bit
Reporter: Forest Soup
Need 2 config in <solrhome>/solr.xml instead of -D parameter in solr.in.sh.
like below:
<solr>
<solrcloud>
<str name="zkDigestUsername">zkusername</str>
<str name="zkDigestPassword">zkpassword</str"zkDigestUsername">
<str name="zkDigestReadonlyUsername">zkreadonlyusername</str>
<str
name="zkDigestReadonlyUsername">readonlypassword</str"zkDigestUsername">
...
Otherwise, any user can use the linux "ps" command showing the full command
line including the plain text zookeeper username and password. If we use file
store them, we can control the access of the file not to leak the
username/password.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
