RE: Anyway to encrypt admin user plain text password in Solr

2019-11-15 Thread Kommu, Vinodh K.
Thanks Jason for sharing the details. Regards, Vinodh -Original Message- From: Jason Gerlowski Sent: Friday, November 15, 2019 12:54 AM To: solr-user@lucene.apache.org Subject: Re: Anyway to encrypt admin user plain text password in Solr ATTENTION! This email originated outside of

RE: Anyway to encrypt admin user plain text password in Solr

2019-11-15 Thread Kommu, Vinodh K.
Thanks Jorn - will check out these options. Regards, Vinodh Kumar K Middleware Cache and Search Engineering DTCC Chennai -Original Message- From: Jörn Franke Sent: Friday, November 15, 2019 1:00 AM To: solr-user@lucene.apache.org Subject: Re: Anyway to encrypt admin user plain text

Re: Anyway to encrypt admin user plain text password in Solr

2019-11-14 Thread Jörn Franke
Use Kerberos or JWT token. > Am 11.11.2019 um 11:41 schrieb Kommu, Vinodh K. : > > Hi, > > After creating admin user in Solr when security is enabled, we have to store > the admin user's credentials in plain text format. Is there any option or a > way to encrypt the plain text password? > >

Re: Anyway to encrypt admin user plain text password in Solr

2019-11-14 Thread Jason Gerlowski
Hi Vinodh, I don't know of any way to encrypt the credentials in "basicAuth.conf", and looking at the code that loads that file I don't see any logic to handle that sort of thing. So I'm near positive there's no way to avoid plaintext here. But, that said, I don't think this should really be tha

Re: Anyway to encrypt admin user plain text password in Solr

2019-11-14 Thread Mark H. Wood
On Thu, Nov 14, 2019 at 11:35:47AM +, Kommu, Vinodh K. wrote: > We store the plain text password in basicAuth.conf file. This is a normal > file & we are securing it only with 600 file permissions so that others > cannot read it. We also run various solr APIs in our custom script for > vario

RE: Anyway to encrypt admin user plain text password in Solr

2019-11-14 Thread Kommu, Vinodh K.
is a concern and auditing issue as well. Regards, Vinodh -Original Message- From: Jason Gerlowski Sent: Thursday, November 14, 2019 6:38 AM To: solr-user@lucene.apache.org Subject: Re: Anyway to encrypt admin user plain text password in Solr ATTENTION! This email originated outside of

Re: Anyway to encrypt admin user plain text password in Solr

2019-11-13 Thread Jason Gerlowski
Hi, To clarify, Solr credentials are stored and shown in a few different places. In some situations the password might live in your "solr.in.sh" file. It also might live in a separate basicAuth.conf file. If you're using SolrCloud, the password might appear in Solr's Admin UI (depending on your

RE: Anyway to encrypt admin user plain text password in Solr

2019-11-13 Thread Kommu, Vinodh K.
Does anyone have an any idea on this? If so, please help. Thanks From: Kommu, Vinodh K. Sent: Monday, November 11, 2019 4:11 PM To: solr-user@lucene.apache.org Subject: Anyway to encrypt admin user plain text password in Solr Hi, After creating admin user in Solr when security is enabled, we hav