Kevin Risden created SOLR-13726:
-----------------------------------
Summary: Krb5HttpClientBuilder avoid setting
javax.security.auth.useSubjectCredsOnly
Key: SOLR-13726
URL: https://issues.apache.org/jira/browse/SOLR-13726
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Reporter: Kevin Risden
Solr should avoid setting system properties that affect the entire JVM.
Specifically "javax.security.auth.useSubjectCredsOnly" is one that can cause a
bunch of issues if SolrJ is colocated with other Kerberos secured services.
Krb5HttpClientBuilder changes the JVM default to false if it is not set. It is
defaulting to true. This affects everything in the JVM. Since SolrJ is meant to
be client side, we should avoid doing this.
[https://github.com/apache/lucene-solr/blame/master/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientBuilder.java#L144]
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
