lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Høydahl (JIRA) <j...@apache.org>
Subject [jira] [Updated] (SOLR-7236) Securing Solr (umbrella issue)
Date Fri, 07 Aug 2015 11:27:46 GMT

     [ https://issues.apache.org/jira/browse/SOLR-7236?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jan Høydahl updated SOLR-7236:
------------------------------
    Description: This is an umbrella issue for adding security to Solr, and for high-level
discussions.  (was: This is an umbrella issue for adding security to Solr. The discussion
here should discuss real user needs and high-level strategy, before deciding on implementation
details. All work will be done in sub tasks and linked issues.

Solr has not traditionally concerned itself with security. And It has been a general view
among the committers that it may be better to stay out of it to avoid "blood on our hands"
in this mine-field. Still, Solr has lately seen SSL support, securing of ZK, and signing of
jars, and discussions have begun about securing operations in Solr.

Some of the topics to address are
* User management (flat file, AD/LDAP etc)
* Authentication (Admin UI, Admin and data/query operations. Tons of auth protocols: basic,
digest, oauth, pki..)
* Authorization (who can do what with what API, collection, doc)
* Pluggability (no user's needs are equal)
* And we could go on and on but this is what we've seen the most demand for
)

> Securing Solr (umbrella issue)
> ------------------------------
>
>                 Key: SOLR-7236
>                 URL: https://issues.apache.org/jira/browse/SOLR-7236
>             Project: Solr
>          Issue Type: New Feature
>            Reporter: Jan Høydahl
>              Labels: Security
>
> This is an umbrella issue for adding security to Solr, and for high-level discussions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org


Mime
View raw message