THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- Certificate Authentication Plugin: Supports loading the certificate subject via a user principal into the AuthorizationContext and enables end-to-end use of client certificates for Authentication and Authorization
- Improved security when using PKI Authentication plugin
- Upgrade to ZK 3.7 allows for TLS communication between Solr and Zookeeper
- All request handlers support security permissions for access
- Ability to disable admin UI through a system property
- The property blockUnknown in the BasicAuthPlugin and the JWTAuthPlugin now defaults to true instead of false.
- The allow-list defining allowed URLs for the shards parameter is not in the shardHandler configuration anymore. It is defined by the allowUrls top-level property of the solr.xml file. For more information, see Format of solr.allowUrls documentation
- Solr now runs with the Java security manager enabled by default. Hadoop users may need to disable this
- Solr embedded zookeeper only binds to localhost by default. This embedded zookeeper should not be used in production. If you rely upon the previous behavior, then you can change the clientPortAddress in solr/server/solr/zoo.cfgSee Upgrade Notes for how to obtain old behavior.
- Dependency updates - A lot of dependency updates make Solr overall much more secure.
...