You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently when an app is bound to SOLR, new credentials are created. There are a number of security concerns with this process:
The read-only solr followers have an account created that is full admin; this doesn't make sense as the user shouldn't be editing the read only solr directly
The admin/leader solr and the read-only solr followers have the same password; that seems unnecessary and a security risk.
There are also problems with unbinding:
No usernames/passwords are ever removed, this seems like an oversight
All of this seems to be related to the code here, although there might need to be more research into cloud foundry unbinding
The text was updated successfully, but these errors were encountered:
Currently when an app is bound to SOLR, new credentials are created. There are a number of security concerns with this process:
There are also problems with unbinding:
All of this seems to be related to the code here, although there might need to be more research into cloud foundry unbinding
The text was updated successfully, but these errors were encountered: