[ https://issues.apache.org/jira/browse/SOLR-13726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16923533#comment-16923533 ]
Kevin Risden commented on SOLR-13726: ------------------------------------- NIFI-5148 handled this specifically for NiFi to avoid the JVM property change in Krb5HttpClientBuilder > Krb5HttpClientBuilder avoid setting javax.security.auth.useSubjectCredsOnly > --------------------------------------------------------------------------- > > Key: SOLR-13726 > URL: https://issues.apache.org/jira/browse/SOLR-13726 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Components: SolrJ > Reporter: Kevin Risden > Priority: Major > > Solr should avoid setting system properties that affect the entire JVM. > Specifically "javax.security.auth.useSubjectCredsOnly" is one that can cause > a bunch of issues if SolrJ is colocated with other Kerberos secured services. > Krb5HttpClientBuilder changes the JVM default to false if it is not set. It > is defaulting to true. This affects everything in the JVM. Since SolrJ is > meant to be client side, we should avoid doing this. > [https://github.com/apache/lucene-solr/blame/master/solr/solrj/src/java/org/apache/solr/client/solrj/impl/Krb5HttpClientBuilder.java#L144] -- This message was sent by Atlassian Jira (v8.3.2#803003) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org