[
https://issues.apache.org/jira/browse/SOLR-9513?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15665638#comment-15665638
]
ASF GitHub Bot commented on SOLR-9513:
--------------------------------------
GitHub user hgadre opened a pull request:
https://github.com/apache/lucene-solr/pull/114
SOLR-9513 A generic Solr authentication plugin to integrate with Hadoop
- Added a generic Solr authentication plugin to integrate with Hadoop
- Added delegation tokens support
- Added proxy users support
Currently the unit tests are using kerberos authentication handler in
Hadoop. After Solr is updated to use Hadoop 3, these tests will be
modified to use multi-auth support in Hadoop.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/hgadre/lucene-solr SOLR-9513_fix
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/lucene-solr/pull/114.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #114
----
commit 7562e0cecfc758aff4399909ef147114813204f8
Author: Hrishikesh Gadre <hga...@cloudera.com>
Date: 2016-11-08T21:18:34Z
SOLR-9513 A generic Solr authentication plugin to integrate with Hadoop
- Added a generic Solr authentication plugin to integrate with Hadoop
- Added delegation tokens support
- Added proxy users support
Currently the unit tests are using kerberos authentication handler in
Hadoop. After Solr is updated to use Hadoop 3, these tests will be
modified to use multi-auth support in Hadoop.
----
> Introduce a generic authentication plugin which delegates all functionality
> to Hadoop authentication framework
> --------------------------------------------------------------------------------------------------------------
>
> Key: SOLR-9513
> URL: https://issues.apache.org/jira/browse/SOLR-9513
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Hrishikesh Gadre
>
> Currently Solr kerberos authentication plugin delegates the core logic to
> Hadoop authentication framework. But the configuration parameters required by
> the Hadoop authentication framework are hardcoded in the plugin code itself.
> https://github.com/apache/lucene-solr/blob/5b770b56d012279d334f41e4ef7fe652480fd3cf/solr/core/src/java/org/apache/solr/security/KerberosPlugin.java#L119
> The problem with this approach is that we need to make code changes in Solr
> to expose new capabilities added in Hadoop authentication framework. e.g.
> HADOOP-12082
> We should implement a generic Solr authentication plugin which will accept
> configuration parameters via security.json (in Zookeeper) and delegate them
> to Hadoop authentication framework. This will allow to utilize new features
> in Hadoop without code changes in Solr.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
