[
https://issues.apache.org/jira/browse/SOLR-13942?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17054793#comment-17054793
]
Noble Paul commented on SOLR-13942:
-----------------------------------
* Our security.json just does not store passwords it's a hash of password + salt
* I'm not sure if the /admin/zookeeper end point has permissions. It's gonna
expose content regardless.
* This new end point has a permission called zk-read . You can restrict access
to that
I would love to see /admin/zookeeper gone. The bare minimum we can do today is,
use the zk-read permission to /admin/zookeeper permission name so that users
can fully restrict exposing that data
> /api/cluster/zk/* to fetch raw ZK data
> --------------------------------------
>
> Key: SOLR-13942
> URL: https://issues.apache.org/jira/browse/SOLR-13942
> Project: Solr
> Issue Type: New Feature
> Components: v2 API
> Reporter: Noble Paul
> Assignee: Noble Paul
> Priority: Minor
> Time Spent: 1h 40m
> Remaining Estimate: 0h
>
> example
> download the {{state.json}} of
> {code}
> GET http://localhost:8983/api/cluster/zk/collections/gettingstarted/state.json
> {code}
> get a list of all children under {{/live_nodes}}
> {code}
> GET http://localhost:8983/api/cluster/zk/live_nodes
> {code}
> If the requested path is a node with children show the list of child nodes
> and their meta data
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
