[
https://issues.apache.org/jira/browse/SOLR-18270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated SOLR-18270:
----------------------------------
Labels: pull-request-available (was: )
> Bug in SOLR 10 CertAuthPlugin : request attribute
> --------------------------------------------------
>
> Key: SOLR-18270
> URL: https://issues.apache.org/jira/browse/SOLR-18270
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Authentication
> Affects Versions: 10.0
> Reporter: Jean-Marie HEITZ
> Priority: Critical
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> While trying to migrate from SOLR 9 to 10 using the official Docker images, I
> noticed that authentication using SSL certificates did not work anymore. I
> found out that, as I was using SOLR_SSL_NEED_CLIENT_AUTH, and that the SSL
> connection level does work and is established, the request attribute that
> carries the client cert is notĀ "javax.servlet.request.X509Certificate"
> anymore in jetty-12, which is used in the Official SOLR Docker image : it
> becameĀ "jakarta.servlet.request.X509Certificate". I tested the attribute
> change by building SOLR and the Docker Image from source : it worked. So I
> guess it might be good to change, or add a parameter to be able to configure
> the lookup attribute in security.json.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
