Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-9513

Introduce a generic authentication plugin which delegates all functionality to Hadoop authentication framework

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 6.4, 7.0
    • None
    • None

    Description

      Currently Solr kerberos authentication plugin delegates the core logic to Hadoop authentication framework. But the configuration parameters required by the Hadoop authentication framework are hardcoded in the plugin code itself.
      https://github.com/apache/lucene-solr/blob/5b770b56d012279d334f41e4ef7fe652480fd3cf/solr/core/src/java/org/apache/solr/security/KerberosPlugin.java#L119

      The problem with this approach is that we need to make code changes in Solr to expose new capabilities added in Hadoop authentication framework. e.g. HADOOP-12082

      We should implement a generic Solr authentication plugin which will accept configuration parameters via security.json (in Zookeeper) and delegate them to Hadoop authentication framework. This will allow to utilize new features in Hadoop without code changes in Solr.

      Attachments

        1. SOLR-9513-deprecate-GenericHadoopAuthPlugin.patch
          11 kB
          Ishan Chattopadhyaya
        2. SOLR-9513.patch
          132 kB
          Ishan Chattopadhyaya
        3. SOLR-9513_6x.patch
          92 kB
          Hrishikesh Gadre

        Issue Links

          Activity

            People

              ichattopadhyaya Ishan Chattopadhyaya
              hgadre Hrishikesh Gadre
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: