[ https://issues.apache.org/jira/browse/SOLR-10282?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ishan Chattopadhyaya updated SOLR-10282: ---------------------------------------- Attachment: SOLR-10282.patch Here's a patch for enabling kerberos support using bin/solr script. Here's the expected usage: {code} $ bin/solr auth enable -type kerberos -config "-Djava.security.auth.login.config=/home/foo/jaas-client.conf -Dsolr.kerberos.cookie.domain=192.168.0.107 -Dsolr.kerberos.cookie.portaware=true -Dsolr.kerberos.principal=HTTP/192.168.0....@example.com -Dsolr.kerberos.keytab=/keytabs/107.keytab" {code} This will upload a security.json to ZK that sets up KerberosPlugin, and adds the "config" parameter to the solr.in.sh. The user would need to restart the node after performing this step. Going forward, we can make this script support interactive by accepting (and guiding/suggesting) the various configuration parameters, like a wizard. Possibly, even helping the user in writing the JAAS configs. There are some nocommits that need to be resolved before committing, but this is close and it seems to work functionally. > bin/solr support for enabling Kerberos security > ----------------------------------------------- > > Key: SOLR-10282 > URL: https://issues.apache.org/jira/browse/SOLR-10282 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Reporter: Ishan Chattopadhyaya > Assignee: Ishan Chattopadhyaya > Fix For: master (7.0) > > Attachments: SOLR-10282.patch > > > This is in the same spirit as SOLR-8440. -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org