Please do! Karl
On Tue, Dec 17, 2019 at 7:06 AM Jörn Franke <jornfra...@gmail.com> wrote: > Thanks a lot Karl for your feedback. Do you mind if I create a Jira where > I report on the progress? > > Am 17.12.2019 um 12:22 schrieb Karl Wright <daddy...@gmail.com>: > > > Well, you can certainly attempt this simply enough then if you build from > source. I'd prefer that you validate the approach before we make permanent > commits. > > Please let me know what works and what doesn't. > > Karl > > > On Tue, Dec 17, 2019 at 1:22 AM Jörn Franke <jornfra...@gmail.com> wrote: > >> I agree. >> The delegation part is not relevant for me. I also do not believe it >> makes sense at the ETL level. >> I think still we need add the one line of code that allows to use >> Kerberos (second line in the example). >> >> Am 17.12.2019 um 01:35 schrieb Karl Wright <daddy...@gmail.com>: >> >> >> Hi Jorn, >> >> The code referenced cannot be set up differently from connection to >> connection so there is no point in having this be anything other than >> global. In that case you can point at the config file with >> -D<parameter>=value and it will do the same thing as setting a system >> property. >> >> The token delegation with HttpClient I'll have to study to confirm that >> we're doing this right in the connector. >> >> Karl >> >> >> >> On Mon, Dec 16, 2019 at 6:15 PM Jörn Franke <jornfra...@gmail.com> wrote: >> >>> Thanks a lot for the quick reply. Actually it is here: >>> https://lucene.apache.org/solr/guide/8_3/kerberos-authentication-plugin.html#using-solrj-with-a-kerberized-solr >>> It is also available in the previous versions of Solr. >>> I wonder how easy it would be to add a configuration to the Manifold UI >>> to point to a jaas-client.conf. However, it is also not strictly necessary >>> that this one is configurable in the UI. It could be also a checkbox yes/no >>> Kerberos authentication and the jaas-client.conf could be put in a certain >>> folder. >>> >>> Interesting would be also if Solr 8.x can be made work in this setting. >>> >>> On Mon, Dec 16, 2019 at 11:47 PM Karl Wright <daddy...@gmail.com> wrote: >>> >>>> The Solr Output Connector uses a patched HttpComponents/HttpClient for >>>> communication with the various Solr Cloud replicas, along with custom >>>> versions of some of the SolrJ classes which allow multipart posts to work. >>>> Other than that it's standard SolrJ. Whatever SolrJ needs to work with >>>> Kerberos, therefore, should work with the ManifoldCF Solr Output >>>> Connector. So if you can point me at the SolrJ documentation for this >>>> configuration I can perhaps review it and give you my opinion as to the >>>> difficulty involved. >>>> >>>> Karl >>>> >>>> >>>> On Mon, Dec 16, 2019 at 5:31 PM Jörn Franke <jornfra...@gmail.com> >>>> wrote: >>>> >>>>> Hallo, >>>>> >>>>> does the Solr Output Connector support SolrCloud with Kerberos >>>>> authentication and Zookeeper with Kerberos authentication? >>>>> >>>>> If so, how can this be configured? >>>>> >>>>> If it is not supported, is there an "easy" way to integrate this? From >>>>> a development perspective the Kerberos Authentication with both is not >>>>> difficult to achieve, but of course it stil needs to be integrated in the >>>>> whole solution. >>>>> >>>>> Thank you. >>>>> >>>>> Best regards >>>>> >>>>