You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@solr.apache.org by ho...@apache.org on 2024/03/26 20:26:26 UTC

(solr-operator) branch main updated: Update default security.json in solr-cloud-crd.md to include permission for /admin/info/system path (#680)

This is an automated email from the ASF dual-hosted git repository.

houston pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr-operator.git


The following commit(s) were added to refs/heads/main by this push:
     new 6837ad2  Update default security.json in solr-cloud-crd.md to include permission for /admin/info/system path (#680)
6837ad2 is described below

commit 6837ad2fb326fca48ef69774ef49cfe18dcca58d
Author: Dan Niles <56...@users.noreply.github.com>
AuthorDate: Wed Mar 27 01:56:20 2024 +0530

    Update default security.json in solr-cloud-crd.md to include permission for /admin/info/system path (#680)
---
 docs/solr-cloud/solr-cloud-crd.md | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/docs/solr-cloud/solr-cloud-crd.md b/docs/solr-cloud/solr-cloud-crd.md
index 8c8874e..c1053cd 100644
--- a/docs/solr-cloud/solr-cloud-crd.md
+++ b/docs/solr-cloud/solr-cloud-crd.md
@@ -1000,6 +1000,12 @@ Take a moment to review these authorization rules so that you're aware of the ro
         "name": "k8s-probe-0",
         "role": null,
         "collection": null,
+        "path": "/admin/info/system"
+      },
+      {
+        "name": "k8s-probe-1",
+        "role": null,
+        "collection": null,
         "path": "/admin/info/health"
       },
       {
@@ -1057,7 +1063,7 @@ A few aspects of the default `security.json` configuration warrant a closer look
         "name": "k8s-probe-0",
         "role": null,
         "collection": null,
-        "path": "/admin/info/health"
+        "path": "/admin/info/system"
       }
 ``` 
 In this case, the `"role":null` indicates this endpoint allows anonymous access by unknown users. 
@@ -1153,6 +1159,7 @@ _Note: be sure to use a stronger password for real deployments_
 
 Users need to ensure their `security.json` contains the user supplied in the `basicAuthSecret` has read access to the following endpoints:
 ```
+/admin/info/system
 /admin/info/health
 /admin/collections
 /admin/metrics