lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mano Kovacs (JIRA)" <>
Subject [jira] [Commented] (SOLR-10076) Hiding keystore and truststore passwords from /admin/info/* outputs
Date Thu, 23 Feb 2017 14:26:44 GMT


Mano Kovacs commented on SOLR-10076:

Thank you for the feedback, [~ichattopadhyaya].

Do you think the redaction of command line password could be handled as the first patch contains?

> Hiding keystore and truststore passwords from /admin/info/* outputs
> -------------------------------------------------------------------
>                 Key: SOLR-10076
>                 URL:
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: Mano Kovacs
>         Attachments: SOLR-10076.patch
> Passing keystore and truststore password is done by system properties, via cmd line parameter.
> As result, {{/admin/info/properties}} and {{/admin/info/system}} will print out the received
> Proposing solution to automatically redact value of any system property before output,
containing the word {{password}}, and replacing its value with {{******}}.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message