Hello everybody, this is my first time asking for support here. I normally search in the web and look in the forums list but I don't know how to do it here, I am very clumsy with mailing list, so If this post is duplicated or someone else has asked this question before I would appreciate if you point me where to look.
I configured Solr authentication this guide: https://solr.apache.org/guide/8_9/kerberos-authentication-plugin.html Everything is working OK, I just receive this warning message so often: 2021-09-01 20:29:46.789 WARN (qtp1533985074-61) [ ] o.a.h.s.a.u.KerberosName auth_to_local rule mechanism not set.Using default of hadoop I don't know what to do to get rid of this. I personally want to make a right configuration in the right file instead of just disabling the warning. I just configured the "solr.kerberos.name <http://solr.kerberos.name>.rules" in the solr.in.sh <http://solr.in.sh> but it seems to be ignored. I don't know if I have to make an extra configuration in the FreeIPA or maybe I am missing another configuration file. As I understand this warning should be if I use HDFS or Hadoop Authentication but this is not the case. This is the content of my solr.in.sh <http://solr.in.sh> file: SOLR_PID_DIR="/opt/var/solr" SOLR_HOME="/opt/var/solr/data" LOG4J_PROPS="/opt/var/solr/log4j2.xml" SOLR_LOGS_DIR="/opt/var/solr/logs" SOLR_PORT="8983" SOLR_HEAP="6g" SOLR_HOST="sa3secglbsolr01.a3sec.local" ZK_HOST="sa3secglbzkpt01.a3sec.local:2181,sa3secglbzkpt02.a3sec.local:2181,sa3secglbzkpt03.a3sec.local:2181/solr" # Settings for ZK ACL SOLR_ZK_CREDS_AND_ACLS="-DzkACLProvider=org.apache.solr.common.cloud.VMParamsAllAndReadonlyDigestZkACLProvider \ -DzkCredentialsProvider=org.apache.solr.common.cloud.VMParamsSingleSetCredentialsDigestZkCredentialsProvider \ -DzkDigestUsername=admin-user -DzkDigestPassword=anypassword \ -DzkDigestReadonlyUsername=readonly-user -DzkDigestReadonlyPassword=anypassword" SOLR_OPTS="$SOLR_OPTS $SOLR_ZK_CREDS_AND_ACLS" # Enables HTTPS. It is implicitly true if you set SOLR_SSL_KEY_STORE. Use this config # to enable https module with custom jetty configuration. SOLR_SSL_ENABLED=true # Uncomment to set SSL-related system properties # Be sure to update the paths to the correct keystore for your environment SOLR_SSL_KEY_STORE=etc/solr-ssl.keystore.p12 SOLR_SSL_KEY_STORE_PASSWORD=<Anypassword> SOLR_SSL_TRUST_STORE=etc/solr-ssl.keystore.p12 SOLR_SSL_TRUST_STORE_PASSWORD=<Anypassword> # Require clients to authenticate SOLR_SSL_NEED_CLIENT_AUTH=false # Enable clients to authenticate (but not require) SOLR_SSL_WANT_CLIENT_AUTH=false # SSL Certificates contain host/ip "peer name" information that is validated by default. Setting # this to false can be useful to disable these checks when re-using a certificate on many hosts SOLR_SSL_CHECK_PEER_NAME=true KERBEROS_RULE="RULE:[1:\$1@\$0](.*A3SEC.LOCAL)s/@.*//" SOLR_AUTH_TYPE="kerberos" SOLR_AUTHENTICATION_OPTS="-Djava.security <http://Djava.security>.auth.login.config=/home/debian/jaas-client.conf -Dsolr.kerberos.cookie.domain=sa3secglbsolr01.a3sec.local -Dsolr.kerberos.cookie.portaware=true -Dsolr.kerberos.principal=HTTP/sa3secglbsolr01.a3sec.local@A3SEC.LOCAL -Dsolr.kerberos.keytab=/home/debian/sa3secglbsolr01.keytab -Dsolr.kerberos.name <http://Dsolr.kerberos.name>.rules=$KERBEROS_RULE" In the worst case, is there a way to disable that specific Warning? Best regards.
