Setting up a cluster with multiple solr nodes with Kerberos using it for internode communication as well (attached security.json) and added Ranger as authorization plugin.
When sending requests the authentication happens against the end user but the authorization is for solr service user.
Tested two cases (3 nodes, have a collection with 2 replicas on 2 nodes of it):
1. send a query to a node where the collection has replica. Authorization is wrong every nodes
2. send a query to a node which doesn't contain a replica. The first place authorization is fine but when the query distributed it goes as solr service user issued.