You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@lucene.apache.org by "Ishan Chattopadhyaya (JIRA)" <ji...@apache.org> on 2016/04/28 11:08:12 UTC

[jira] [Updated] (SOLR-8792) ZooKeeper ACL support broken

     [ https://issues.apache.org/jira/browse/SOLR-8792?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ishan Chattopadhyaya updated SOLR-8792:
---------------------------------------
    Summary: ZooKeeper ACL support broken  (was: ZooKeeper ACL not restricting access to zkcli)

> ZooKeeper ACL support broken
> ----------------------------
>
>                 Key: SOLR-8792
>                 URL: https://issues.apache.org/jira/browse/SOLR-8792
>             Project: Solr
>          Issue Type: Bug
>          Components: Authentication, documentation
>    Affects Versions: 5.0
>            Reporter: Esther Quansah
>              Labels: acl, authentication, security, zkcli, zkcli.sh, zookeeper
>             Fix For: 5.5.1, 6.1
>
>         Attachments: SOLR-8792.patch
>
>
> The documentation presented here: https://cwiki.apache.org/confluence/display/solr/ZooKeeper+Access+Control
> details the process of securing Solr content in ZooKeeper using ACLs. In the example usages, it is mentioned that access to zkcli can be restricted by adding credentials to the zkcli.sh script in addition to adding the appropriate classnames to solr.xml. With the scripts in zkcli.sh, another machine should not be able to read or write from the host ZK without the necessary credentials. At this time, machines are able to read/write from the host ZK with or without these credentials.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org