Robert Muir
126d6b7767
SOLR-13984: add (experimental, disabled by default) security manager support ( #1082 )
...
* SOLR-13984: add (experimental, disabled by default) security manager support.
User can set SOLR_SECURITY_MANAGER_ENABLED=true to enable security manager at runtime.
The current policy file used by tests is moved to solr/server
Additional permissions are granted for the filesystem locations set by bin/solr, and networking everywhere is enabled.
This takes advantage of the fact that permission entries are ignored if properties are not defined:
https://docs.oracle.com/javase/7/docs/technotes/guides/security/PolicyFiles.html#PropertyExp
2019-12-24 06:30:31 -08:00
Robert Muir
72c99e921c
SOLR-14136: ip whitelist/blacklist via env vars ( #1111 )
...
SOLR-14136: ip whitelist/blacklist via env vars
This makes it easy to restrict access to Solr by IP. For example SOLR_IP_WHITELIST="127.0.0.1, 192.168.0.0/24, [::1], [2000:123:4:5::]/64" would restrict access to v4/v6 localhost, the 192.168.0 ipv4 network, and 2000:123:4:5 ipv6 network. Any other IP will receive a 403 response.
Blacklisting functionality can deny access to problematic addresses or networks that would otherwise be allowed. For example SOLR_IP_BLACKLIST="192.168.0.3, 192.168.0.4" would explicitly prevent those two specific addresses from accessing solr.
2019-12-23 19:26:11 -05:00
Robert Muir
1425d6cbf8
SOLR-14138: enable request log via environ var, remove deprecated jetty class usage, respect SOLR_LOGS_DIR ( #1110 )
...
User can now set SOLR_REQUESTLOG_ENABLED=true to enable the jetty request log, instead of editing XML. The location of the request logs will respect SOLR_LOGS_DIR if that is set. The deprecated NCSARequestLog is no longer used, instead it uses CustomRequestLog with NCSA_FORMAT.
2019-12-23 10:37:31 -05:00
Cao Manh Dat
7350c50316
SOLR-13798: SSL: Adding Enabling/Disabling client's hostname verification config
2019-09-30 16:29:43 +01:00
Jan Høydahl
b54126169b
SOLR-13569: AdminUI visual indication of prod/test/dev environment
2019-06-26 12:09:02 +02:00
Ishan Chattopadhyaya
9c77889217
SOLR-13394: Switch default GC from CMS to G1
2019-04-25 13:58:43 +05:30
Tomas Fernandez Lobbe
8b54b20fc4
SOLR-12770: Make it possible to configure a host whitelist for distributed search
2019-01-15 11:44:57 -08:00
Cassandra Targett
df5540acc9
SOLR-12497: Add documentation for Hadoop credential provider-based keystore/truststore
2018-11-15 00:35:25 -06:00
Steve Rowe
6f9f4f70f2
SOLR-12434: Fix standalone mode 'bin/solr config' to not pass in empty -z ZK_HOST param; revert accidental ZK_HOST definition in solr.in.cmd
2018-06-13 09:35:18 -04:00
Steve Rowe
ba62472bd3
SOLR-12434: bin/solr {config,healthcheck} ignore ZK_HOST in solr.in.{sh,cmd}
2018-06-12 20:01:20 -04:00
Chris Hostetter
4e0e8e979b
SOLR-9304: Fix Solr's HTTP handling to respect '-Dsolr.ssl.checkPeerName=false' aka SOLR_SSL_CHECK_PEER_NAME
2018-04-22 13:38:37 -07:00
Mark Miller
5e2a5a5b8c
SOLR-10783: Add support for Hadoop Credential Provider as SSL/TLS store password source.
2018-04-09 21:57:56 -05:00
Jan Høydahl
0989e5874a
SOLR-12144: SOLR_LOG_PRESTART_ROTATION now defaults to false, we leverage log4j2 for log rotation on startup
2018-04-03 13:10:20 +02:00
Erick Erickson
624d128b5e
SOLR-7887: Upgrade Solr to use log4j2 -- log4j 1 now officially end of life
2018-03-25 19:16:09 -07:00
Cao Manh Dat
2bc2759bf4
SOLR-5129: Add support for changing flag in bin/solr
2017-10-21 22:05:30 +07:00
Uwe Schindler
86f7d6779a
SOLR-8689: Fix bin/solr.cmd so it can run properly on Java 9
2017-08-21 22:30:53 +02:00
Jan Høydahl
39dfb7808a
SOLR-6671: Possible to set solr.data.home property as root dir for all data
2017-06-20 13:21:14 +02:00
Mark Miller
0fb89f17e1
SOLR-10307: Allow Passing SSL passwords through environment variables.
2017-05-16 14:19:16 -03:00
markrmiller
e1a5776457
SOLR-9997: Enable configuring SolrHttpClientBuilder via java system property.
2017-02-07 13:15:51 -05:00
markrmiller
075aec91cd
SOLR-9885: Allow pre-startup Solr log management in Solr bin scripts to be disabled.
2017-01-19 03:07:09 -05:00
Kevin Risden
bf424d1ec1
SOLR-9728: Ability to specify Key Store type in solr.in file for SSL
2016-11-28 09:52:02 -06:00
Jan Høydahl
feb1a5d3e7
SOLR-9670: Support SOLR_AUTHENTICATION_OPTS in solr.cmd
2016-10-26 15:17:13 +02:00
David Smiley
8ae3304c86
SOLR-7580: Move defaults in bin/solr.in.sh into bin/solr (incl. Windows)
2016-10-19 16:38:06 -04:00
Jan Høydahl
33db4de4d7
SOLR-9325: solr.log is now written to $SOLR_LOGS_DIR without changing log4j.properties
2016-10-14 23:19:09 +02:00
Jan Høydahl
eba3939a04
SOLR-7436: Solr stops printing stacktraces in log and output (add -XX:-OmitStackTraceInFastThrow to solr.in.{sh|cmd))
2016-09-28 10:06:15 +02:00
Jan Høydahl
73c2edddf0
SOLR-9534: You can now set Solr's log level through environment variable SOLR_LOG_LEVEL and -q and -v options to bin/solr
2016-09-22 21:05:28 +02:00
Steve Rowe
5d4cd44b6d
SOLR-8792: ZooKeeper ACL support fixed
2016-05-03 18:57:59 -04:00
Uwe Schindler
3e6de6059f
SOLR-9046: Fix solr.cmd that wrongly assumes Jetty will always listen on 0.0.0.0
2016-04-28 06:05:52 +02:00
Mark Robert Miller
af2bce9ee1
SOLR-7831: Start Scripts: Allow a configurable stack size [-Xss]
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1694523 13f79535-47bb-0310-9956-ffa450edef68
2015-08-06 15:26:11 +00:00
Jan Høydahl
2d5f162bb8
SOLR-7735: Look for solr.xml in Zookeeper by default
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1692673 13f79535-47bb-0310-9956-ffa450edef68
2015-07-26 00:15:27 +00:00
Shalin Shekhar Mangar
c3185b5489
SOLR-4839: Separate jetty and client specific SSL properties
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1676102 13f79535-47bb-0310-9956-ffa450edef68
2015-04-26 12:44:20 +00:00
Shalin Shekhar Mangar
299ddc5abe
SOLR-4839: SSL support with Jetty 9. Also fixes SOLR-7449 on trunk.
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1675619 13f79535-47bb-0310-9956-ffa450edef68
2015-04-23 14:17:35 +00:00
Shawn Heisey
5f5814ce27
SOLR-7319: Revert previous patch, return to discussion.
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1670370 13f79535-47bb-0310-9956-ffa450edef68
2015-03-31 15:54:05 +00:00
Shawn Heisey
421897ea3c
SOLR-7319: Workaround for the "Four Month Bug" GC pause problem
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1669731 13f79535-47bb-0310-9956-ffa450edef68
2015-03-28 04:07:18 +00:00
Timothy Potter
7401236745
SOLR-6982: bin/solr and SolrCLI should support SSL-related Java System Properties
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1652208 13f79535-47bb-0310-9956-ffa450edef68
2015-01-15 18:24:48 +00:00
Timothy Potter
4e65c4d1e0
SOLR-6851: Scripts to help install and run Solr as a service on Linux
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1647700 13f79535-47bb-0310-9956-ffa450edef68
2014-12-23 23:20:42 +00:00
Timothy Potter
3a5438ec1f
SOLR-6843: JMX RMI connector should be disabled by default but can be activated by setting ENABLE_REMOTE_JMX_OPTS to true in solr.in.(sh|cmd).
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1644978 13f79535-47bb-0310-9956-ffa450edef68
2014-12-12 17:07:06 +00:00
Timothy Potter
9806b86719
SOLR-6726: better strategy for selecting the JMX RMI port based on SOLR_PORT in bin/solr
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1642745 13f79535-47bb-0310-9956-ffa450edef68
2014-12-01 19:50:30 +00:00
Timothy Potter
f66288743c
SOLR-6742: change eol-style to CRLF
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1639789 13f79535-47bb-0310-9956-ffa450edef68
2014-11-14 21:31:52 +00:00
Timothy Potter
fe6eff7d1b
SOLR-6705: Add specific JVM version checking to Windows start scripts
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1638429 13f79535-47bb-0310-9956-ffa450edef68
2014-11-11 21:28:17 +00:00
Jan Høydahl
5240a5ac8a
SOLR-6697: bin/solr start scripts allow setting SOLR_OPTS in solr.in.*
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1638423 13f79535-47bb-0310-9956-ffa450edef68
2014-11-11 21:20:56 +00:00
Timothy Potter
3f566e6e91
SOLR-6549: add a -s option to set the -Dsolr.solr.home property, thus allowing multiple Solr nodes on the same host to share the same server directory -d but with different Solr home directories
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1630550 13f79535-47bb-0310-9956-ffa450edef68
2014-10-09 18:42:21 +00:00
Timothy Potter
6662a12c71
SOLR-3617: start/stop script with support for running examples
...
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1616271 13f79535-47bb-0310-9956-ffa450edef68
2014-08-06 16:30:01 +00:00