[jira] [Created] (SOLR-12976) Unify RedactionUtils and metrics hiddenSysProps settings

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

[jira] [Created] (SOLR-12976) Unify RedactionUtils and metrics hiddenSysProps settings

JIRA jira@apache.org
Jan Høydahl created SOLR-12976:

             Summary: Unify RedactionUtils and metrics hiddenSysProps settings
                 Key: SOLR-12976
                 URL: https://issues.apache.org/jira/browse/SOLR-12976
             Project: Solr
          Issue Type: Improvement
      Security Level: Public (Default Security Level. Issues are Public)
          Components: security
            Reporter: Jan Høydahl

System properties can contain sensitive data, and they are easily available from the Admin UI (/admin/info/system) and also from the Metrics API (/admin/metrics).

By default the {{/admin/info/system}} redacts any sys prop with a key containing *password*. This can be configured with sysprop {{-Dsolr.redaction.system.pattern=<regex>}}

The metrics API by default hides these sysprops from the API output:
You can redefine these by adding a section to {{solr.xml}}:
h2. Unifying the two

It is not very user firiendly to have two different systems for redacting system properties and two sets of defaults. This goals of this issue are
 * Keep only one set of defaults
 * Both metrics and system info handler will use the same source
 * It should be possible to change and persist the list without a full cluster restart, preferably though some API

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]