THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- Certificate Authentication Plugin, enabling end-to-end use of x509 client certificates for Authentication and Authorization
- Improved security when using PKI Authentication plugin
- Upgrade to ZK Zookeeper 3.7 allows , allowing for TLS protected ZK communication between Solr and Zookeeper
- All request handlers support security permissions for access
- Ability to disable admin UI through a system property
- The property blockUnknown in the BasicAuthPlugin and the JWTAuthPlugin now defaults to true instead of false.
- The allow-list defining allowed URLs for the shards parameter is not in the shardHandler configuration anymore. It is defined by the allowUrls top-level property of the solr.xml file. For more information, see Format of solr.allowUrls documentation
- Solr now runs with the Java security manager enabled by default. Hadoop users may need to disable this
- Solr embedded zookeeper only binds to localhost by default. See Upgrade Notes for how to obtain old behavior.
- Dependency updates - A lot of dependency updates make Solr overall much more secure.
...