Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Won't Fix
-
None
-
None
-
None
-
None
Description
Historically, Solr has always stayed away from securing any operations and we even allow GET operation on an HTTP end point to manipulate almost anything inside a Solr cluster
We can categorize the operations such as
- Loading executable (runtime jars)
SOLR-7126 - conf files
SOLR-6736 - schema API
- config API
- collections API
- /update/* operation to any collection
SOLR-7126 has solved this problem using PKI where the public keys can be uploaded to /keys/exe and all jars loaded are verified using one of the public keys.
A similar scheme can be used for other operations as well. We can add keys to other directories and use them to verify other operations. The only catch is , that we will need to send all the payload via POST
The advantage of this scheme is that Solr does not need to manage any credentials or take care of storing anything secretly. It just needs a few public keys to be stored in ZK and security will kick in automatically. External solutions can build on top of these and provide authentication etc