[
https://issues.apache.org/jira/browse/AMBARI-17621?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Onischuk updated AMBARI-17621:
-------------------------------------
Resolution: Fixed
Status: Resolved (was: Patch Available)
Committed to trunk and branch-2.4
> Kerberized Solr support for Atlas
> ---------------------------------
>
> Key: AMBARI-17621
> URL: https://issues.apache.org/jira/browse/AMBARI-17621
> Project: Ambari
> Issue Type: Bug
> Reporter: Andrew Onischuk
> Assignee: Andrew Onischuk
> Fix For: 2.4.0
>
> Attachments: AMBARI-17621.patch
>
>
> Currently Atlas does not support kerberized Solr communication.
> To make kerberized Solr client work:
> 1\. Set `java.security.auth.login.config` property, which points to a jaas-
> file (with Client block)
> 2\. Use Kerberos http client configurer.
> This option should be bind to a new property (e.g.:
> "atlas.solr.kerberos.enable")
> call this before creating CloudSolrClient instance: (most likely
> Solr5Index.java)
>
>
>
> boolean securityEnabled =
> PropertiesUtil.getBooleanProperty("atlas.solr.kerberos.enable", false);
> if (securityEnabled) {
> System.setProperty("java.security.auth.login.config",
> "/etc/atlas/conf/atlas-jaas.conf");
> HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
> }
>
> some useful documentation from Ranger:
> <https://cwiki.apache.org/confluence/display/RANGER/How+to+configure+Solr+Clou
> d+with+Kerberos+for+Ranger+0.5>
> On ambari side: we should handle this property if kerberos is enabled. The new
> property should be added only if Solr is used for Atlas
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
