[ 
https://issues.apache.org/jira/browse/SOLR-7824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Eric Pugh resolved SOLR-7824.
-----------------------------
    Resolution: Won't Do

Hadoop Auth removed in Solr 10.

> Make server kerberos subject available to authorization plugin code
> -------------------------------------------------------------------
>
>                 Key: SOLR-7824
>                 URL: https://issues.apache.org/jira/browse/SOLR-7824
>             Project: Solr
>          Issue Type: Improvement
>          Components: security, Server
>    Affects Versions: 5.2
>            Reporter: Bosco
>            Priority: Major
>
> [~ichattopadhyaya] and [~anshumg], thanks for implementing Kerberos 
> authentication in Solr as part of 
> https://issues.apache.org/jira/browse/SOLR-7468
> Is it possible to make the kerberos subject used by the Solr process made 
> available to the authorization. It could be a static method which gives the 
> subject.
> The reason being, in Apache Ranger implementation of the authorization 
> plugin, we also do Audit. When we want to write the audit logs to Kerberized 
> HDFS or Kerberized Solr, we have to read the jaas file again and create the 
> subject/principal. This requires the authorization code duplicate the tasks 
> done the by Solr server, which includes reading the jaas file and principal 
> from -D option or other config files. Since this might change over the period 
> of time, it is better to just reuse subject the Solr server creates for 
> interacting between the nodes.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org

Reply via email to