In order to configure our dataSource without requiring a plaintext password in the configuration file, we extended JdbcDataSource to create our own custom implementation. Our dataSource config now looks something like this:
We are using the RSA JSAFE Crypto-J libraries for encrypting/decrypting the password. However, this seems to cause an issue when we try use Solr in a Cloud Configuration (using Zookeeper). The error is "Strong key gen and multiprime gen require at least 1024-bit keysize." Full log attached.
This seems to be due to the hard-coded value of 512 in the org.apache.solr.util.CryptoKeys$RSAKeyPair class:
I pulled down the Solr code, changed the hard-coded value to 1024, rebuilt it, and now everything seems to work great.