When starting Apache Solr, configured with the
VMParamsAllAndReadonlyDigestZkACLProvider and no existing
znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and would allow it to be readable. Additionally, with any
ZkACLProvider, if the
security.json is already present, Solr will not automatically update the ACLs.