[
https://issues.apache.org/jira/browse/SOLR-7889?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18041486#comment-18041486
]
Jan Høydahl commented on SOLR-7889:
-----------------------------------
Embedde zk still exposes its own ports, but so imagine we’ll be able to
configure it much easier, auto gen cert, choose correct entry client config
etc. something to work at for 10.1
> Secure ZooKeeper should be easy and the default
> -----------------------------------------------
>
> Key: SOLR-7889
> URL: https://issues.apache.org/jira/browse/SOLR-7889
> Project: Solr
> Issue Type: Improvement
> Components: security
> Reporter: Jan Høydahl
> Priority: Critical
> Labels: security, zookeeper
>
> ZooKeeper security is documented at
> https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control but
> is not trivial to setup, see http://search-lucene.com/m/eHNlqr6EnMrP6O
> As we enable more and more security stuff, securing ZK should be easier to do
> and ideally the default. This is an umbrella for such improvements.
> When all of this is in place and working, perhaps even Solr should refuse to
> start if Auth/Autz plugins are in use and ZK communication is not properly
> protected, e.g. require {{bin/solr start --insecure}} to override.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
