Well, you can certainly attempt this simply enough then if you build from source. I'd prefer that you validate the approach before we make permanent commits.
Please let me know what works and what doesn't. Karl On Tue, Dec 17, 2019 at 1:22 AM Jörn Franke <jornfra...@gmail.com> wrote: > I agree. > The delegation part is not relevant for me. I also do not believe it makes > sense at the ETL level. > I think still we need add the one line of code that allows to use > Kerberos (second line in the example). > > Am 17.12.2019 um 01:35 schrieb Karl Wright <daddy...@gmail.com>: > > > Hi Jorn, > > The code referenced cannot be set up differently from connection to > connection so there is no point in having this be anything other than > global. In that case you can point at the config file with > -D<parameter>=value and it will do the same thing as setting a system > property. > > The token delegation with HttpClient I'll have to study to confirm that > we're doing this right in the connector. > > Karl > > > > On Mon, Dec 16, 2019 at 6:15 PM Jörn Franke <jornfra...@gmail.com> wrote: > >> Thanks a lot for the quick reply. Actually it is here: >> https://lucene.apache.org/solr/guide/8_3/kerberos-authentication-plugin.html#using-solrj-with-a-kerberized-solr >> It is also available in the previous versions of Solr. >> I wonder how easy it would be to add a configuration to the Manifold UI >> to point to a jaas-client.conf. However, it is also not strictly necessary >> that this one is configurable in the UI. It could be also a checkbox yes/no >> Kerberos authentication and the jaas-client.conf could be put in a certain >> folder. >> >> Interesting would be also if Solr 8.x can be made work in this setting. >> >> On Mon, Dec 16, 2019 at 11:47 PM Karl Wright <daddy...@gmail.com> wrote: >> >>> The Solr Output Connector uses a patched HttpComponents/HttpClient for >>> communication with the various Solr Cloud replicas, along with custom >>> versions of some of the SolrJ classes which allow multipart posts to work. >>> Other than that it's standard SolrJ. Whatever SolrJ needs to work with >>> Kerberos, therefore, should work with the ManifoldCF Solr Output >>> Connector. So if you can point me at the SolrJ documentation for this >>> configuration I can perhaps review it and give you my opinion as to the >>> difficulty involved. >>> >>> Karl >>> >>> >>> On Mon, Dec 16, 2019 at 5:31 PM Jörn Franke <jornfra...@gmail.com> >>> wrote: >>> >>>> Hallo, >>>> >>>> does the Solr Output Connector support SolrCloud with Kerberos >>>> authentication and Zookeeper with Kerberos authentication? >>>> >>>> If so, how can this be configured? >>>> >>>> If it is not supported, is there an "easy" way to integrate this? From >>>> a development perspective the Kerberos Authentication with both is not >>>> difficult to achieve, but of course it stil needs to be integrated in the >>>> whole solution. >>>> >>>> Thank you. >>>> >>>> Best regards >>>> >>>
