[
https://issues.apache.org/jira/browse/SOLR-9040?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15258650#comment-15258650
]
Hoss Man commented on SOLR-9040:
--------------------------------
bq. I probably felt that the builder for the httpclient and setting this for
the pooling connection manager where somewhat distinct. ..
Hmm, ok well -- my point is really just that it seems weird to me that there is
this special SchemaRegistryProvider API that people have to write impls of just
to implement one method that returns the registry -- and to use their
SchemaRegistryProvider they have to call
HttpClientUtil.setSchemeRegistryProvider -- but meanwhile in SolrCLI it's setup
that a simple system property ("solr.authentication.httpclient.builder") can be
used to to override the SolrHttpClientBuilder, but nothing can be used to
easily override the default SchemaRegistryProvider from the command line like
that (and as is, the default SchemaRegistryProvider is ignorant of the standard
javax.net.ssl.* sys props that SolrHttpClient use to pay attention to
implicitly).
I mean - i suppose your custom SolrHttpClientBuilder that you specify with
{{-Dsolr.authentication.httpclient.builder}} could, in it's constructor call
{{HttpClientUtil.setSchemeRegistryProvider(...)}} ... it just seems weird that
{{SchemaRegistryProvider getSchemaRegisteryProvider()}} isn't a method in the
SolrHttpClientBuilder API (or that it isn't just refactored down to putting
{{Registry<ConnectionSocketFactory> getSchemaRegistry()}} directly in
SolrHttpClientBuilder (especially since
{{HttpClientUtil.resetHttpClientBuilder}} also automatically resets
schemaRegistryProvider as well -- making them very closely bound to each other)
In any case... I've updated the patch in SOLR-9028 to demonstrate this bug (it
already had most of the plumbing needed) and with the current SOLR-9040.patch
1/2 failures is resolved -- but something is still wrong with clientAuth using
the system properties, so i guess maybe the no arg
PoolingHttpClientConnectionManager doesn't pick up *all* the javax.* system
properties like i thought? ... i'm going to try to get to the bottom of that
before i worry too much about what the final HttpClientUtil API should be for
dealing with the scheme registry.
> bin/solr SSL support for client->server communcation broken on master
> ---------------------------------------------------------------------
>
> Key: SOLR-9040
> URL: https://issues.apache.org/jira/browse/SOLR-9040
> Project: Solr
> Issue Type: Bug
> Reporter: Hoss Man
> Assignee: Hoss Man
> Attachments: SOLR-9040.patch
>
>
> Working on SOLR-9028 lead me to realize that {{bin/solr}} actions which
> require communicating with solr over HTTP are broken on master when SSL is
> enabled. My testing suggests that this doesn't affect branch 6x or 6.0.
> (Long) detailed steps to reproduce to follow in first comment
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
