[
https://issues.apache.org/jira/browse/SOLR-7824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Eric Pugh resolved SOLR-7824.
-----------------------------
Resolution: Won't Do
Hadoop Auth removed in Solr 10.
> Make server kerberos subject available to authorization plugin code
> -------------------------------------------------------------------
>
> Key: SOLR-7824
> URL: https://issues.apache.org/jira/browse/SOLR-7824
> Project: Solr
> Issue Type: Improvement
> Components: security, Server
> Affects Versions: 5.2
> Reporter: Bosco
> Priority: Major
>
> [~ichattopadhyaya] and [~anshumg], thanks for implementing Kerberos
> authentication in Solr as part of
> https://issues.apache.org/jira/browse/SOLR-7468
> Is it possible to make the kerberos subject used by the Solr process made
> available to the authorization. It could be a static method which gives the
> subject.
> The reason being, in Apache Ranger implementation of the authorization
> plugin, we also do Audit. When we want to write the audit logs to Kerberized
> HDFS or Kerberized Solr, we have to read the jaas file again and create the
> subject/principal. This requires the authorization code duplicate the tasks
> done the by Solr server, which includes reading the jaas file and principal
> from -D option or other config files. Since this might change over the period
> of time, it is better to just reuse subject the Solr server creates for
> interacting between the nodes.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
