Uploaded image for project: 'Hibernate Search'
  1. HSEARCH-2593

Node discovery uses the HTTP (not HTTPS) scheme by default and isn't configurable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 5.6.0.Final, 5.7.0.CR1
    • Fix Version/s: 5.6.1.Final, 5.7.0.Final
    • Component/s: elasticsearch
    • Labels:
      None

      Description

      Discovered node are added with http:// URLs by default, which is bad considering users can enable authentication, and when using HTTP the credentials (username + password) are transmitted in clear text over the network. So even if we don't care about privacy, the security of the systems will get compromised quite fast.

      Jest allows to configure that through builder.defaultSchemeForDiscoveredNodes(String). We should add a configuration property that we would map to this method.

      Note that it's the same with the official REST client discovery: the scheme is HTTP by default and cannot be discovered automatically.

        Attachments

          Activity

            People

            • Assignee:
              yrodiere Yoann Rodière
              Reporter:
              yrodiere Yoann Rodière
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: