As I see things, if you're using Basic Authentication and/or Rule Based Authorization, then the security.json could be copied over to start things.
On Sat, Dec 5, 2015 at 3:38 AM, Oakley, Craig (NIH/NLM/NCBI) [C] < craig.oak...@nih.gov> wrote: > Looking through > cwiki.apache.org/confluence/display/solr/Authentication+and+Authorization+Plugins > one notices that security.json is initially created by zkcli.sh, and then > modified by means of the Authentication API and the Authorization API. By > and large, this sounds like a good way to accomplish such tasks, assuming > that these APIs do some error checking to prevent corruption of > security.json > > I was wondering about cases where one is cloning an existing Solr > instance, such as when creating an instance in Amazon Cloud. If one has a > security.json that has been thoroughly tried and successfully tested on > another Solr instance, is it possible / safe / not-un-recommended to use > zkcli.sh to load the full security.json (as extracted via zkcli.sh from the > Zookeeper of the thoroughly tested existing instance)? Or would the > official verdict be that the only acceptable way to create security.json is > to load a minimal version with zkcli.sh and then to build the remaining > components with the Authentication API and the Authorization API (in a > script, if one wants to automate the process: although such a script would > have to include plain-text passwords)? > > I figured there is no harm in asking. >
