Don't let "basic auth" without SSL think there is inherent security, if someone has access to the network it is trivial to sniff network traffic and pickup the username/password (as noted in the caveats section <https://cwiki.apache.org/confluence/display/solr/Basic+Authentication+Plugin>). There is a little more overhead for setting up SSL connections but as long as there is keep-alives it's not too big of a penalty. Another option could be using two-way SSL for authentication purposes.
-Steve On Fri, Jan 20, 2017 at 1:00 AM, Byunghoon Lim <seian.h...@gmail.com> wrote: > Hi Ishan! Thanks for the advice :) I will try it. > > Best, > Hoon > > Regards, > Hoon > > On Fri, Jan 20, 2017 at 11:55 AM, Ishan Chattopadhyaya < > ichattopadhy...@gmail.com> wrote: > >> Basic auth should have the best performance (almost negligible difference >> between unsecured and secured). Also, you could try delegation tokens >> support. >> >> On Fri, Jan 20, 2017 at 7:41 AM, Byunghoon Lim <seian.h...@gmail.com> >> wrote: >> >>> Hi! I am Hoon who is running a Solr cluster on production. >>> >>> I am considering adding an authentication for Solr Cloud using like >>> Basic Authentication plugin. Here, my concern is, if I bring the >>> authentication plugin to the cluster, how much latency will increase or >>> affected. >>> >>> Is there any results or data for the performance? >>> or, please let me know the best authentication plugin which doesn't >>> affect latency. >>> >>> Thanks in advance. >>> >>> Best, >>> Hoon >>> >> >> >
