Hi, To clarify, Solr credentials are stored and shown in a few different places. In some situations the password might live in your "solr.in.sh" file. It also might live in a separate basicAuth.conf file. If you're using SolrCloud, the password might appear in Solr's Admin UI (depending on your version of Solr). The password is also stored in ZooKeeper.
Some of these locations already store the credentials in an encrypted form. Other locations are only problematic if attackers have access to the disk that Solr is running on, at which point you have much bigger problems. If you can be more specific about the exposure you're concerned about, we can discuss whether there's an actual security concern there and how to work around it. Best, Jason On Wed, Nov 13, 2019 at 11:22 AM Kommu, Vinodh K. <vko...@dtcc.com> wrote: > > Does anyone have an any idea on this? If so, please help. > > Thanks > From: Kommu, Vinodh K. > Sent: Monday, November 11, 2019 4:11 PM > To: solr-user@lucene.apache.org > Subject: Anyway to encrypt admin user plain text password in Solr > > Hi, > > After creating admin user in Solr when security is enabled, we have to store > the admin user's credentials in plain text format. Is there any option or a > way to encrypt the plain text password? > > Thanks, > Vinodh > DTCC DISCLAIMER: This email and any files transmitted with it are > confidential and intended solely for the use of the individual or entity to > whom they are addressed. If you have received this email in error, please > notify us immediately and delete the email and any attachments from your > system. The recipient should check this email and any attachments for the > presence of viruses. The company accepts no liability for any damage caused > by any virus transmitted by this email.
