[jira] [Commented] (AMBARI-17621) Kerberized Solr support for Atlas

Fri, 08 Jul 2016 07:03:25 -0700 

    [ 
https://issues.apache.org/jira/browse/AMBARI-17621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15367708#comment-15367708
 ] 

Hudson commented on AMBARI-17621:
---------------------------------

FAILURE: Integrated in Ambari-trunk-Commit #5256 (See 
[https://builds.apache.org/job/Ambari-trunk-Commit/5256/])
AMBARI-17621. Kerberized Solr support for Atlas (aonishuk) (aonishuk: 
[http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=fda5b78d8daf6994870c56ab35416dc2b6b9cbfd])
* 
ambari-server/src/main/resources/stacks/HDP/2.5/services/ATLAS/configuration/application-properties.xml
* ambari-server/src/main/resources/stacks/HDP/2.5/services/ATLAS/kerberos.json


> Kerberized Solr support for Atlas
> ---------------------------------
>
>                 Key: AMBARI-17621
>                 URL: https://issues.apache.org/jira/browse/AMBARI-17621
>             Project: Ambari
>          Issue Type: Bug
>            Reporter: Andrew Onischuk
>            Assignee: Andrew Onischuk
>             Fix For: 2.4.0
>
>         Attachments: AMBARI-17621.patch
>
>
> Currently Atlas does not support kerberized Solr communication.  
> To make kerberized Solr client work:  
> 1\. Set `java.security.auth.login.config` property, which points to a jaas-
> file (with Client block)  
> 2\. Use Kerberos http client configurer.
> This option should be bind to a new property (e.g.:
> "atlas.solr.kerberos.enable")
> call this before creating CloudSolrClient instance: (most likely
> Solr5Index.java)
>     
>     
>     
>     boolean securityEnabled = 
> PropertiesUtil.getBooleanProperty("atlas.solr.kerberos.enable", false);
>     if (securityEnabled) {
>       System.setProperty("java.security.auth.login.config", 
> "/etc/atlas/conf/atlas-jaas.conf");
>       HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
>     }
>     
> some useful documentation from Ranger:  
> <https://cwiki.apache.org/confluence/display/RANGER/How+to+configure+Solr+Clou
> d+with+Kerberos+for+Ranger+0.5>
> On ambari side: we should handle this property if kerberos is enabled. The new
> property should be added only if Solr is used for Atlas



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to