Comment: Shorten line about security manager

...

  • Certificate Authentication Plugin: Supports loading the certificate subject via a user principal into the AuthorizationContext and enables end-to-end use of client certificates for Authentication and Authorization
  • Improved security when using the PKI Authentication plugin
  • Upgrade to ZK 3.7 allows for TLS communication between Solr and ZooKeeper
  • All request handlers support security permissions for access
  • Ability to disable admin UI through a system property
  • The property blockUnknown in the BasicAuthPlugin and the JWTAuthPlugin now defaults to true instead of false.
  • The allow-list defining allowed URLs for the shards parameter is not in the shardHandler configuration anymore. It is defined by the allowUrls top-level property of the solr.xml file. For more information, see the Format of solr.allowUrls documentation.
  • Solr now runs with the Java security manager enabled by default. Hadoop users may need to disable this feature by setting SOLR_SECURITY_MANAGER_ENABLED=false in the environment or in one of the Solr init scripts.
  • Solr's embedded ZooKeeper only binds to localhost by default. This embedded ZooKeeper should not be used in production. If you rely upon the previous behavior, then you can change the clientPortAddress in solr/server/solr/zoo.cfg.
  • Dependency updates - A lot of dependency updates make Solr overall much more secure.
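
An upgrade check for three of the changed defaults listed above (blockUnknown, the top-level allowUrls property, and clientPortAddress), as an added example that is not part of the original page or of Solr itself. The function name `audit_upgrade` and the sample configuration strings are constructed for illustration; a real run would read security.json, solr.xml and zoo.cfg from the installation.

```python
import ipaddress
import json
import xml.etree.ElementTree as ET

def _is_loopback(addr):
    if addr == "localhost":
        return True
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # a hostname we cannot classify is treated as non-loopback

def audit_upgrade(security_json, solr_xml, zoo_cfg):
    """Return findings for the changed defaults described in the list above."""
    findings = []
    # blockUnknown now defaults to true for BasicAuthPlugin and JWTAuthPlugin.
    auth = json.loads(security_json).get("authentication", {})
    if auth.get("class", "").endswith(("BasicAuthPlugin", "JWTAuthPlugin")):
        if "blockUnknown" not in auth:
            findings.append("blockUnknown unset: unauthenticated requests are now blocked by default")
        elif str(auth["blockUnknown"]).lower() == "false":
            findings.append("blockUnknown=false: unauthenticated requests are allowed")
    # The shards allow-list is a top-level solr.xml property, not a shardHandler setting.
    root = ET.fromstring(solr_xml)
    if not any(e.get("name") == "allowUrls" for e in root.findall("str")):
        findings.append("solr.xml has no top-level allowUrls property")
    if any(e.get("name") == "allowUrls" for e in root.findall("shardHandlerFactory/*")):
        findings.append("allowUrls is nested in shardHandlerFactory; it belongs at the top level")
    # Embedded ZooKeeper binds to localhost unless clientPortAddress says otherwise.
    addr = None
    for line in zoo_cfg.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip() == "clientPortAddress":  # commented-out lines do not match
            addr = value.strip()
    if addr and not _is_loopback(addr):
        findings.append(f"clientPortAddress={addr}: embedded ZooKeeper listens beyond localhost")
    return findings

# Constructed sample inputs, not taken from a real deployment.
SECURITY_JSON = '{"authentication": {"class": "solr.BasicAuthPlugin", "blockUnknown": false}}'
SOLR_XML = ('<solr><shardHandlerFactory name="shardHandlerFactory" class="HttpShardHandlerFactory">'
            '<str name="allowUrls">http://solr2:8983/solr</str></shardHandlerFactory></solr>')
ZOO_CFG = "clientPort=9983\nclientPortAddress=0.0.0.0\n"

if __name__ == "__main__":
    for finding in audit_upgrade(SECURITY_JSON, SOLR_XML, ZOO_CFG):
        print(finding)
```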

...