[ https://issues.apache.org/jira/browse/SOLR-4407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14308429#comment-14308429 ]

Steve Davids commented on SOLR-4407:
------------------------------------

Sorry for not being more specific. Yes, the instructions do allow for 
specifying your own self-signed certificate and importing that specific 
certificate in a new trust store that will be loaded by the container - this 
will lock it down to the specific certificate. The modification that I have 
done is to create a custom servlet container to openly accept client 
certificates within an organization, perform an LDAP lookup (via cert DN) to 
pull groups then grant access if they are a part of a specific group. With this 
capability we are able to grant access via LDAP groups which is a preferred 
route of client authentication for our specific use-case. 

So, to answer your question:

bq. What aspect of SSL do you think isn't already configurable?

SSL is configurable via trust stores, but mechanisms for a customizable 
certificate-based authentication system aren't in place, such as the case above 
(get cert DN + user lookup via LDAP to authorize).

> SSL Certificate based authentication for SolrCloud
> --------------------------------------------------
>
>                 Key: SOLR-4407
>                 URL: https://issues.apache.org/jira/browse/SOLR-4407
>             Project: Solr
>          Issue Type: New Feature
>          Components: SolrCloud
>    Affects Versions: 4.1
>            Reporter: Sindre Fiskaa
>            Assignee: Steve Rowe
>              Labels: Authentication, Certificate, SSL
>             Fix For: 4.7, Trunk
>
>
> I need to be able to secure sensitive information in solrnodes running in a 
> SolrCloud with either SSL client/server certificates or http basic auth.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
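
The authorization flow described in the comment above (certificate DN, LDAP group lookup, allow or deny), sketched as an added example; it is not Steve Davids' code or part of Solr, and it uses a servlet filter rather than a custom container. Assumptions: the container already requires client certificates and trusts the organization's CA, the directory accepts an anonymous bind, groups are groupOfNames entries with a `member` attribute, and the LDAP URL and group DN are placeholders.

```java
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;
public class CertGroupFilter implements Filter {
  // Placeholder deployment values (assumptions, not from the issue).
  static final String LDAP_URL = "ldaps://ldap.example.org:636";
  static final String GROUP_DN = "cn=solr-users,ou=groups,dc=example,dc=org";
  @Override public void init(FilterConfig cfg) {}
  @Override public void destroy() {}
  @Override
  public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
      throws IOException, ServletException {
    HttpServletResponse http = (HttpServletResponse) res;
    // Set by the container after it validated the chain against its trust store.
    X509Certificate[] certs =
        (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
    if (certs == null || certs.length == 0) {
      http.sendError(HttpServletResponse.SC_FORBIDDEN, "client certificate required");
      return;
    }
    String dn = certs[0].getSubjectX500Principal().getName(); // RFC 2253 string
    try {
      if (!isGroupMember(dn)) {
        http.sendError(HttpServletResponse.SC_FORBIDDEN, "not in authorized group");
        return;
      }
    } catch (NamingException e) { // fail closed: a directory error never grants access
      http.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
      return;
    }
    chain.doFilter(req, res);
  }
  // True if the group entry lists userDn as a member.
  static boolean isGroupMember(String userDn) throws NamingException {
    Hashtable<String, String> env = new Hashtable<>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, LDAP_URL);
    DirContext ctx = new InitialDirContext(env); // anonymous bind (assumption)
    try {
      SearchControls sc = new SearchControls();
      sc.setSearchScope(SearchControls.OBJECT_SCOPE); // inspect only the group entry
      // {0} is escaped by JNDI, so characters in the DN cannot alter the filter.
      return ctx.search(GROUP_DN, "(member={0})", new Object[] {userDn}, sc).hasMore();
    } finally { ctx.close(); }
  }
}
```

The trust store still decides which issuers are accepted; the filter only narrows access among holders of valid certificates, so the group check is no substitute for chain validation.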
