ctargett commented on a change in pull request #635: SOLR-13371 improve security chapters in refguide URL: https://github.com/apache/lucene-solr/pull/635#discussion_r291791616
########## File path: solr/solr-ref-guide/src/securing-solr.adoc ########## @@ -19,16 +19,52 @@ When planning how to secure Solr, you should consider which of the available features or approaches are right for you. -* Authentication or authorization of users using: -** <<kerberos-authentication-plugin.adoc#kerberos-authentication-plugin,Kerberos Authentication Plugin>> -** <<basic-authentication-plugin.adoc#basic-authentication-plugin,Basic Authentication Plugin>> -** <<rule-based-authorization-plugin.adoc#rule-based-authorization-plugin,Rule-Based Authorization Plugin>> -** <<authentication-and-authorization-plugins.adoc#authentication-and-authorization-plugins,Custom authentication or authorization plugin>> -* <<enabling-ssl.adoc#enabling-ssl,Enabling SSL>> -* If using SolrCloud, <<zookeeper-access-control.adoc#zookeeper-access-control,ZooKeeper Access Control>> -* <<audit-logging.adoc#audit-logging,Audit logging>> for recording an audit trail - [WARNING] ==== No Solr API, including the Admin UI, is designed to be exposed to non-trusted parties. Tune your firewall so that only trusted computers and people are allowed access. Because of this, the project will not regard e.g., Admin UI XSS issues as security vulnerabilities. However, we still ask you to report such issues in JIRA. ==== + +=== Encryption with TLS (SSL) certificates Review comment: It's not just a compile warning - we would fail the build for sections out of order if we could. Even though I know it breaks the page in the PDF, we need to use the levels in order. After 8.1 I intend to propose we drop the PDF as our main release artifact, which means we could change the format type we use, which would totally change all of this page break behavior (the "article" format doesn't page-break any sections at all). ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
