[ https://issues.apache.org/jira/browse/SOLR-7824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Eric Pugh resolved SOLR-7824. ----------------------------- Resolution: Won't Do Hadoop Auth removed in Solr 10. > Make server kerberos subject available to authorization plugin code > ------------------------------------------------------------------- > > Key: SOLR-7824 > URL: https://issues.apache.org/jira/browse/SOLR-7824 > Project: Solr > Issue Type: Improvement > Components: security, Server > Affects Versions: 5.2 > Reporter: Bosco > Priority: Major > > [~ichattopadhyaya] and [~anshumg], thanks for implementing Kerberos > authentication in Solr as part of > https://issues.apache.org/jira/browse/SOLR-7468 > Is it possible to make the kerberos subject used by the Solr process made > available to the authorization. It could be a static method which gives the > subject. > The reason being, in Apache Ranger implementation of the authorization > plugin, we also do Audit. When we want to write the audit logs to Kerberized > HDFS or Kerberized Solr, we have to read the jaas file again and create the > subject/principal. This requires the authorization code duplicate the tasks > done the by Solr server, which includes reading the jaas file and principal > from -D option or other config files. Since this might change over the period > of time, it is better to just reuse subject the Solr server creates for > interacting between the nodes. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org