You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lucene.apache.org by ge...@apache.org on 2019/12/09 17:46:04 UTC
[lucene-solr] branch jira/solr-13972 updated: SOLR-13972: Address
review comments (1)
This is an automated email from the ASF dual-hosted git repository.
gerlowskija pushed a commit to branch jira/solr-13972
in repository https://gitbox.apache.org/repos/asf/lucene-solr.git
The following commit(s) were added to refs/heads/jira/solr-13972 by this push:
new 16217a1 SOLR-13972: Address review comments (1)
16217a1 is described below
commit 16217a18fd772dd6121f357945a06e0b32ab993d
Author: Jason Gerlowski <ge...@apache.org>
AuthorDate: Mon Dec 9 12:45:01 2019 -0500
SOLR-13972: Address review comments (1)
- shortens link url
- moves link to "Securing Solr" ref guide page
- renames questionable method name
---
solr/core/src/java/org/apache/solr/core/CoreContainer.java | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/solr/core/src/java/org/apache/solr/core/CoreContainer.java b/solr/core/src/java/org/apache/solr/core/CoreContainer.java
index 1558e73..f494f50 100644
--- a/solr/core/src/java/org/apache/solr/core/CoreContainer.java
+++ b/solr/core/src/java/org/apache/solr/core/CoreContainer.java
@@ -658,7 +658,7 @@ public class CoreContainer {
securityConfHandler = isZooKeeperAware() ? new SecurityConfHandlerZk(this) : new SecurityConfHandlerLocal(this);
reloadSecurityProperties();
- warnUsersIfSecurityDisabled();
+ warnUsersOfInsecureSettings();
this.backupRepoFactory = new BackupRepositoryFactory(cfg.getBackupRepositoryPlugins());
createHandler(ZK_PATH, ZookeeperInfoHandler.class.getName(), ZookeeperInfoHandler.class);
@@ -899,17 +899,18 @@ public class CoreContainer {
initializeAuditloggerPlugin((Map<String, Object>) securityConfig.getData().get("auditlogging"));
}
- private void warnUsersIfSecurityDisabled() {
+ private void warnUsersOfInsecureSettings() {
if (authenticationPlugin == null || authorizationPlugin == null) {
log.warn("Not all security plugins configured! authentication={} authorization={}. Solr is only as secure as " +
"you make it. Consider configuring authentication/authorization before exposing Solr to users internal or " +
- "external. See https://lucene.apache.org/solr/guide/authentication-and-authorization-plugins.html for more info",
+ "external. See https://s.apache.org/solrsecurity for more info",
(authenticationPlugin != null) ? "enabled" : "disabled",
(authorizationPlugin != null) ? "enabled" : "disabled");
}
if (authenticationPlugin !=null && StringUtils.isNotEmpty(System.getProperty("solr.jetty.https.port"))) {
- log.warn("Solr authentication is enabled, but SSL is off. Consider enabling SSL to protect user credentials and data with encryption.");
+ log.warn("Solr authentication is enabled, but SSL is off. Consider enabling SSL to protect user credentials and " +
+ "data with encryption.");
}
}