From 238122ddcc37a47fa1d3e7615a36dc9b366abd9a Mon Sep 17 00:00:00 2001 From: Utsav Parmar Date: Fri, 12 Jun 2026 22:42:11 +0530 Subject: [PATCH 1/2] DEL: deprecated class --- ...ramsAllAndReadonlyDigestZkACLProvider.java | 96 ------------------- 1 file changed, 96 deletions(-) delete mode 100644 solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/VMParamsAllAndReadonlyDigestZkACLProvider.java diff --git a/solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/VMParamsAllAndReadonlyDigestZkACLProvider.java b/solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/VMParamsAllAndReadonlyDigestZkACLProvider.java deleted file mode 100644 index 6ddd1a98a18a..000000000000 --- a/solr/solrj-zookeeper/src/java/org/apache/solr/common/cloud/VMParamsAllAndReadonlyDigestZkACLProvider.java +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.solr.common.cloud; - -import java.util.List; -import org.apache.zookeeper.data.ACL; - -/** - * Deprecated in favor of a combination of {@link DigestZkACLProvider} and {@link - * VMParamsZkCredentialsInjector}. - * - * 
- * Current implementation delegates to {@link DigestZkACLProvider} with an injected {@link VMParamsZkCredentialsInjector}
- *
- */ -@Deprecated -public class VMParamsAllAndReadonlyDigestZkACLProvider extends SecurityAwareZkACLProvider - implements ZkACLProvider { - - @Deprecated - public static final String DEFAULT_DIGEST_USERNAME_VM_PARAM_NAME = - VMParamsZkCredentialsInjector.DEFAULT_DIGEST_USERNAME_VM_PARAM_NAME; - - @Deprecated - public static final String DEFAULT_DIGEST_PASSWORD_VM_PARAM_NAME = - VMParamsZkCredentialsInjector.DEFAULT_DIGEST_PASSWORD_VM_PARAM_NAME; - - @Deprecated - public static final String DEFAULT_DIGEST_READONLY_USERNAME_VM_PARAM_NAME = - VMParamsZkCredentialsInjector.DEFAULT_DIGEST_READONLY_USERNAME_VM_PARAM_NAME; - - @Deprecated - public static final String DEFAULT_DIGEST_READONLY_PASSWORD_VM_PARAM_NAME = - VMParamsZkCredentialsInjector.DEFAULT_DIGEST_READONLY_PASSWORD_VM_PARAM_NAME; - - @Deprecated - public static final String DEFAULT_DIGEST_FILE_VM_PARAM_NAME = - VMParamsZkCredentialsInjector.DEFAULT_DIGEST_FILE_VM_PARAM_NAME; - - private DigestZkACLProvider digestZkACLProvider; - - public VMParamsAllAndReadonlyDigestZkACLProvider() { - this(new VMParamsZkCredentialsInjector()); - } - - public VMParamsAllAndReadonlyDigestZkACLProvider(ZkCredentialsInjector zkCredentialsInjector) { - this.zkCredentialsInjector = zkCredentialsInjector; - this.digestZkACLProvider = new DigestZkACLProvider(zkCredentialsInjector); - } - - public VMParamsAllAndReadonlyDigestZkACLProvider( - String zkDigestAllUsernameVMParamName, - String zkDigestAllPasswordVMParamName, - String zkDigestReadonlyUsernameVMParamName, - String zkDigestReadonlyPasswordVMParamName) { - this( - new VMParamsZkCredentialsInjector( - zkDigestAllUsernameVMParamName, - zkDigestAllPasswordVMParamName, - zkDigestReadonlyUsernameVMParamName, - zkDigestReadonlyPasswordVMParamName)); - } - - @Override - public void setZkCredentialsInjector(ZkCredentialsInjector zkCredentialsInjector) { - this.zkCredentialsInjector = - zkCredentialsInjector != null && !zkCredentialsInjector.getZkCredentials().isEmpty() - ? zkCredentialsInjector - : new VMParamsZkCredentialsInjector(); - this.digestZkACLProvider = new DigestZkACLProvider(this.zkCredentialsInjector); - } - - @Override - protected List createNonSecurityACLsToAdd() { - return digestZkACLProvider.createNonSecurityACLsToAdd(); - } - - @Override - protected List createSecurityACLsToAdd() { - return digestZkACLProvider.createSecurityACLsToAdd(); - } -} From 9c85153fc6b32347a154ad704b97555ec51d7804 Mon Sep 17 00:00:00 2001 From: Utsav Parmar Date: Fri, 12 Jun 2026 22:42:36 +0530 Subject: [PATCH 2/2] doc: update changelog and doc --- .../SOLR-18122-remove-vmparams-acl-provider.yml | 8 ++++++++ .../upgrade-notes/pages/major-changes-in-solr-10.adoc | 2 ++ 2 files changed, 10 insertions(+) create mode 100644 changelog/unreleased/SOLR-18122-remove-vmparams-acl-provider.yml diff --git a/changelog/unreleased/SOLR-18122-remove-vmparams-acl-provider.yml b/changelog/unreleased/SOLR-18122-remove-vmparams-acl-provider.yml new file mode 100644 index 000000000000..1ab1213ef586 --- /dev/null +++ b/changelog/unreleased/SOLR-18122-remove-vmparams-acl-provider.yml @@ -0,0 +1,8 @@ +# See https://github.com/apache/solr/blob/main/dev-docs/changelog.adoc +title: Remove deprecated VMParamsAllAndReadonlyDigestZkACLProvider; use a combination of DigestZkACLProvider and VMParamsZkCredentialsInjector instead. +type: removed +authors: + - name: Utsav Parmar +links: + - name: SOLR-18122 + url: https://issues.apache.org/jira/browse/SOLR-18122 diff --git a/solr/solr-ref-guide/modules/upgrade-notes/pages/major-changes-in-solr-10.adoc b/solr/solr-ref-guide/modules/upgrade-notes/pages/major-changes-in-solr-10.adoc index 627816636c50..935a0357562c 100644 --- a/solr/solr-ref-guide/modules/upgrade-notes/pages/major-changes-in-solr-10.adoc +++ b/solr/solr-ref-guide/modules/upgrade-notes/pages/major-changes-in-solr-10.adoc @@ -284,6 +284,8 @@ Nowadays, the HTTP request is available via internal APIs: `SolrQueryRequest.get * The deprecated `solrcore.properties` configuration method has been removed. The ability to configure a core via a custom properties file using the `core.properties` "property" setting remains. +* The deprecated `VMParamsAllAndReadonlyDigestZkACLProvider` class has been removed. Use a combination of `DigestZkACLProvider` and `VMParamsZkCredentialsInjector` instead. (SOLR-18122) + === Security * There is no longer a distinction between trusted and untrusted configSets; all configSets are now considered trusted. To ensure security, Solr should be properly protected using authentication and authorization mechanisms, allowing only authorized users with administrative privileges to publish them.