You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Jan Høydahl (JIRA)" <ji...@apache.org> on 2015/08/11 09:30:45 UTC
[jira] [Commented] (SOLR-7909) ZK ACL credential provider cannot be
set from JVM params as documented
[ https://issues.apache.org/jira/browse/SOLR-7909?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14681367#comment-14681367 ]
Jan Høydahl commented on SOLR-7909:
-----------------------------------
I see that {{ZkACLProvider}} is created both in {{ZkController}} (from solr.xml config only) and in {{SolrZkClient}} (from System props only), and when created in {{ZkController.java}} the instance is passed to {{SolrZkClient}}'s constructor.
Fix is probably to make a single factory class or method for {{ZkACLProvider}} which takes both sysprop name and class name from solr.xml as input and creates the correct provider, with sysprop having priority.
> ZK ACL credential provider cannot be set from JVM params as documented
> ----------------------------------------------------------------------
>
> Key: SOLR-7909
> URL: https://issues.apache.org/jira/browse/SOLR-7909
> Project: Solr
> Issue Type: Bug
> Components: security
> Affects Versions: 5.2.1
> Reporter: Jan Høydahl
> Priority: Blocker
> Fix For: 5.3
>
>
> In RefGuide https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control you are told to setup ZK security provider classes with system properties, but as noted in the comments to that page, that no longer works, and you need to set these in solr.xml.
> This should be a simple fix to get into 5.3, and quite important since 5.3 is more than anything a "security" release...
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org