Major Description
As described in this comment on SOLR-4407, while we support Client SSL certificates we do not have a way to use them with authentication and authorization in an end-to-end fashion.
Specifically, we don't have an easy (or any?) way to load the certificate subject via a user principal into the AuthorizationContext.
The work in SOLR-10814 would also be good here, since the subject can have much more than just the CN, for example it can have locations and organizational units. C=US, ST=California, L=San Francisco, O=Wikimedia Foundation, Inc., CN=*.wikipedia.org
Attachments
Issue Links
- links to
