[
https://issues.apache.org/jira/browse/SOLR-9481?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15625778#comment-15625778
]
Shawn Heisey commented on SOLR-9481:
------------------------------------
That's kinda scary.
Here's what came to mind before looking at the code: Thread-safe code becomes
very difficult when there are static class variables that affect client
building.
After looking at the code, it's a similar thought, but the situation is worse
than I imagined: Every HttpClient built by our util class in a program will
share the same global list of interceptors (whatever those do). Which means
that if you set up the interceptors the way you want for one server, create the
HttpClient and the SolrClient, then clear the interceptors and set up a second
HttpClient/SolrClient, BOTH clients will use the new list.
> BasicAuthPlugin should support standalone mode
> ----------------------------------------------
>
> Key: SOLR-9481
> URL: https://issues.apache.org/jira/browse/SOLR-9481
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: security
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Labels: authentication
> Fix For: master (7.0), 6.4
>
> Attachments: SOLR-9481.patch, SOLR-9481.patch
>
>
> The BasicAuthPlugin currently only supports SolrCloud, and reads users and
> credentials from ZK /security.json
> Add support for standalone mode operation
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
