[
https://issues.apache.org/jira/browse/SOLR-7889?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16895190#comment-16895190
]
Erick Erickson commented on SOLR-7889:
--------------------------------------
+1
> Secure ZooKeeper should be easy and the default
> -----------------------------------------------
>
> Key: SOLR-7889
> URL: https://issues.apache.org/jira/browse/SOLR-7889
> Project: Solr
> Issue Type: Improvement
> Components: security
> Reporter: Jan Høydahl
> Priority: Critical
> Labels: security, zookeeper
>
> ZooKeeper security is documented at
> https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control but
> is not trivial to setup, see http://search-lucene.com/m/eHNlqr6EnMrP6O
> As we enable more and more security stuff, securing ZK should be easier to do
> and ideally the default. This is an umbrella for such improvements.
> When all of this is in place and working, perhaps even Solr should refuse to
> start if Auth/Autz plugins are in use and ZK communication is not properly
> protected, e.g. require {{bin/solr start --insecure}} to override.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
