[jira] [Commented] (SOLR-9516) New UI doesn't work when Kerberos is enabled

Tue, 28 Feb 2017 18:53:15 -0800 

    [ 
https://issues.apache.org/jira/browse/SOLR-9516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15889399#comment-15889399
 ] 

Alexandre Rafalovitch commented on SOLR-9516:
---------------------------------------------

I am looking at: 
https://cwiki.apache.org/confluence/display/solr/Kerberos+Authentication+Plugin
It says:
{quote}
In order for your browser to access the Solr Admin UI after enabling Kerberos 
authentication, it must be able to negotiate with the Kerberos authenticator 
service to allow you access. Each browser supports this differently, and some 
(like Chrome) do not support it at all. If you see 401 errors when trying to 
access the Solr Admin UI after enabling Kerberos authentication, it's likely 
your browser has not been configured properly to know how or where to negotiate 
the authentication request.

Detailed information on how to set up your browser is beyond the scope of this 
documentation; please see your system administrators for Kerberos for details 
on how to configure your browser.
{quote}

Are we - absolutely - sure that the exact same setup works with the old UI? 
Could we get full browser/network traces for a request made from old UI and 
from New UI? Preferably while the backend is actually running with full TRACE 
log.

> New UI doesn't work when Kerberos is enabled
> --------------------------------------------
>
>                 Key: SOLR-9516
>                 URL: https://issues.apache.org/jira/browse/SOLR-9516
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: Admin UI
>            Reporter: Ishan Chattopadhyaya
>              Labels: javascript, newdev, security
>         Attachments: QQ20161012-0.png, Screenshot from 2016-09-15 07-36-29.png
>
>
> It seems resources like http://solr1:8983/solr/libs/chosen.jquery.js 
> encounter 403 error:
> {code}
> 2016-09-15 02:01:45.272 WARN  (qtp611437735-18) [   ] 
> o.a.h.s.a.s.AuthenticationFilter Authentication exception: GSSException: 
> Failure unspecified at GSS-API level (Mechanism level: Request is a replay 
> (34))
> {code}
> The old UI is fine.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to