epugh commented on code in PR #4405: URL: https://github.com/apache/solr/pull/4405#discussion_r3208169887
########## solr/solr-ref-guide/modules/deployment-guide/pages/authentication-and-authorization-plugins.adoc: ########## @@ -211,8 +211,8 @@ They may do this through the so-called `HttpClientBuilder` mechanism, or they ma The `PKIAuthenticationPlugin` provides a built-in authentication mechanism where each Solr node is a super user and is fully trusted by other Solr nodes through the use of Public Key Infrastructure (PKI). Each Authentication plugin may choose to delegate all or some inter-node traffic to the PKI plugin. -There are currently two versions of the PKI Authentication protocol available in Solr. For each outgoing request `PKIAuthenticationPlugin` adds a special header which carries the request timestamp and user principal. -When a node receives a request with this special header, it will verify to message using the corresponding source node's public key. +For each outgoing request `PKIAuthenticationPlugin` adds a `SolrAuthV2` header which contains: the source node name, user principal, request timestamp, and a base64-encoded RSA signature. Review Comment: Will someone brand new to solr be confused by a `SolrAuthV2` property and ownder about `SolrAuthV1`. Do we need a tip or a link to the upgrade notes? I guess we can't just use the name `SolrAuth` eitehr... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
