You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@lucene.apache.org by "Constantin Bugneac (JIRA)" <ji...@apache.org> on 2017/11/16 11:01:00 UTC
[jira] [Updated] (SOLR-11650) Credentials used for BasicAuth
displayed in clear text on slave nodes
[ https://issues.apache.org/jira/browse/SOLR-11650?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Constantin Bugneac updated SOLR-11650:
--------------------------------------
Attachment: Screen Shot 2017-11-16 at 10.48.38.png
Example
> Credentials used for BasicAuth displayed in clear text on slave nodes
> ---------------------------------------------------------------------
>
> Key: SOLR-11650
> URL: https://issues.apache.org/jira/browse/SOLR-11650
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication
> Affects Versions: 6.6.2
> Reporter: Constantin Bugneac
> Priority: Critical
> Attachments: Screen Shot 2017-11-16 at 10.48.38.png
>
>
> Pre-requisites:
> Have in place Solr configured in master slave replication with BasicAuth enabled.
> Issue:
> In UI on slave (under Replication tab of core) the master url is displayed with username and password used for BasicAuth in clear text.
> Example:
> master url:https://solr:SdjuDf3tM98@solr-master.local.com:8983/solr/mycore
> Suggestion/Idea:
> At least mask the password with *******
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org