[ https://issues.apache.org/jira/browse/SOLR-9516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15924793#comment-15924793 ]
Ishan Chattopadhyaya commented on SOLR-9516: -------------------------------------------- Amrit, I think it is fine to exclude the /solr/libs from being served through SDF (and hence leaving them unauthenticated), but that still doesn't explain why the authentication was failing for them. Excluding them from authentication makes sense due to performance reasons, but this is just a workaround to some other potential problem with SDF/Kerberos. If you're sure that other parts of UI also work fine (collections/core admin command buttons, zk/file tree etc.), then lets just commit the patch now and worry later as to why authentication wasn't working for /solr/lib endpoints (there could be some other problem with the way SDF works in certain cases). > New UI doesn't work when Kerberos is enabled > -------------------------------------------- > > Key: SOLR-9516 > URL: https://issues.apache.org/jira/browse/SOLR-9516 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Components: Admin UI > Reporter: Ishan Chattopadhyaya > Labels: javascript, newdev, security > Attachments: QQ20161012-0.png, Screenshot from 2016-09-15 > 07-36-29.png, SOLR-9516.patch > > > It seems resources like http://solr1:8983/solr/libs/chosen.jquery.js > encounter 403 error: > {code} > 2016-09-15 02:01:45.272 WARN (qtp611437735-18) [ ] > o.a.h.s.a.s.AuthenticationFilter Authentication exception: GSSException: > Failure unspecified at GSS-API level (Mechanism level: Request is a replay > (34)) > {code} > The old UI is fine. -- This message was sent by Atlassian JIRA (v6.3.15#6346) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org