janhoy commented on issue #488: URL: https://github.com/apache/solr-operator/issues/488#issuecomment-1421405218
Thanks for your input. I'm a bit reluctant to bloat the operator with a deep understanding of all the workings of all the auth/authz options for Solr. Keeping the java and go understanding of this in sync may prove difficult, also 3rd party auth plugins must be able to configure too. So if we go this direction, I'd rather have the operator only do a thin wrapper and convert the YAML directly to security.json and push it to Solr/ZK. A disadvantage with pushing to ZK is that you don't get feedback on whether it applied or not, there is just a stacktrace in solr's log. And a disadvantage of pushing to `/api/cluster/security/authentication/` endpoint is that you may lock yourself out if you do a mistake, i.e. remove admin role for the operator's own admin user... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org
