Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Not A Problem
-
5.3, 6.0
-
None
-
None
-
None
Description
SOLR-7849 introduced PKI based authentication mechanism for internode communication. The main reason for introducing SOLR-7849 was,
>> Relying on every Authentication plugin to secure the internode communication is error prone.
At Cloudera we are using Kerberos protocol for all communication without any issues (i.e. between client/server as well as server/server). We should make this internode authentication mechanism configurable (with default as PKI based mechanism). This will allow users to decide the appropriate authentication mechanism based on their security requirements.