solr.xml

Forest Soup (JIRA) Sun, 28 Feb 2016 23:04:11 -0800

     [ 
https://issues.apache.org/jira/browse/SOLR-8756?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Forest Soup updated SOLR-8756:
------------------------------
    Summary: Need 4 config "zkDigestUsername"/"zkDigestPassword"/  solr.xml  
(was: Need config "zkDigestUsername" and "zkDigestPassword" in 
<solrhome>/solr.xml)

> Need 4 config "zkDigestUsername"/"zkDigestPassword"/  solr.xml
> --------------------------------------------------------------
>
>                 Key: SOLR-8756
>                 URL: https://issues.apache.org/jira/browse/SOLR-8756
>             Project: Solr
>          Issue Type: Bug
>          Components: security, SolrCloud
>    Affects Versions: 5.3.1
>         Environment: Linux 64bit
>            Reporter: Forest Soup
>              Labels: security
>
> Need 4 config in <solrhome>/solr.xml instead of -D parameter in solr.in.sh.
> like below:
> <solr>
>   <solrcloud>
>     <str name="zkDigestUsername">zkusername</str>
>     <str name="zkDigestPassword">zkpassword</str"zkDigestUsername">
>     <str name="zkDigestReadonlyUsername">zkreadonlyusername</str>
>     <str 
> name="zkDigestReadonlyUsername">readonlypassword</str"zkDigestUsername">
> ...
> Otherwise, any user can use the linux "ps" command showing the full command 
> line including the plain text zookeeper username and password. If we use file 
> store them, we can control the access of the file not to leak the 
> username/password.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

[jira] [Updated] (SOLR-8756) Need 4 config "zkDigestUsername"/"zkDigestPassword"/ solr.xml

Reply via email to