[ https://issues.apache.org/jira/browse/SOLR-12194?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16508288#comment-16508288 ]
Hoss Man commented on SOLR-12194: --------------------------------- to clarify: i've never had strong opinions about this, my comments before were just to seek clarity on whether this was really moving in the ideal direction since it seemed the reverse of one of the intended usecases ... but i don't have enough practical experience to know if that even matters -- just wanted to make sure it was considered. since you pinged me though: my only new half thought out comments/questions are wether these changes may complicate some of the work miller is doing (or has alluded to working on in personal branch i haven't seen) to "modernize" the solr client APIs to allow HTTP/2 and true async stuff ... ie: is exposing an ability to set arbitrary headers going to be problematic for that? can/should we ensure/enforce they are "request level" headers and prevent "connection level" headers? (i honestly don't even know which category authorization headers fall into ... > Deprecate SolrRequest#setBasicAuthCredentials > --------------------------------------------- > > Key: SOLR-12194 > URL: https://issues.apache.org/jira/browse/SOLR-12194 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: SolrJ > Reporter: Jan Høydahl > Priority: Major > Fix For: 7.4 > > Time Spent: 10m > Remaining Estimate: 0h > > We should deprecate these methods in {{SolrRequest}}: > {code:java} > public SolrRequest setBasicAuthCredentials(String user, String password) > public String getBasicAuthPassword() > public String getBasicAuthUser() > {code} > The only way forward will be using the ClientBuilderFactory. > For 7.4 we should deprecate these, and for 8.0 (master) remove them. First we > need to migrate some tests etc that uses the old methods. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org