[jira] [Commented] (SOLR-7849) Secure Inter-node communication in a standard mechanism

Fri, 04 Jun 2021 08:49:25 -0700 


    [ 
https://issues.apache.org/jira/browse/SOLR-7849?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17357452#comment-17357452
 ] 

David Smiley commented on SOLR-7849:
------------------------------------

I'm confused on what {{ExecutorUtil.isSolrServerThread}} fundamentally means.  
It has a comment: {{/// this tells whether a thread is owned/run by solr or 
not.}}.  Okay.  Is this ultimately to distinguish Client side (ExecutorUtil is 
in SolrJ so could be client side) vs Server side?  Or is it not that simple; 
are there a subset of server-side threads that we wouldn't want demarcated in 
this way for some reason?  Solr is a client to Solr itself sometimes; does that 
matter?  (think cross-cluster collection join).

> Secure Inter-node communication in a  standard mechanism
> --------------------------------------------------------
>
>                 Key: SOLR-7849
>                 URL: https://issues.apache.org/jira/browse/SOLR-7849
>             Project: Solr
>          Issue Type: Sub-task
>            Reporter: Noble Paul
>            Assignee: Noble Paul
>            Priority: Major
>             Fix For: 5.3, 6.0
>
>         Attachments: SOLR-7849.patch, SOLR-7849.patch, SOLR-7849.patch, 
> SOLR-7849.patch
>
>
> Relying on every Authentication plugin to secure the internode communication 
> is error prone. Solr can standardize the authentication so that only the 
> first request that comes from outside the cluster needs to be authenticated 
> by the authentication plugin
> The scheme to protect the communication will be as follows
> * Every Solr node creates a an RSA key pair 
> * The private key is kept private and the public key is made available 
> through a  core admin API
> * If authentication is enabled , every outgoing request will carry an extra 
> header {{ SolrAuth : <nodename> 
> encrypt_with_pvt_key(<original-user-principal> <timestamp>) }}
> * If authentication is enabled {{SolrDispatchFilter}} would look for this 
> header and see the nodename
> ** If the public key of the nodename is available in cache , make a request 
> to the node and fetch the public key
> ** If the public key has changed (because of a server restart) decryption 
> fails and the public keyis fetched again
> * If the decryption succeeds , the user-name is set to what the header has 
> encoded



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org

Reply via email to