Re: Custom authentication plugin & inter-node auth
It should be related to SOLR-9692: blockUnknown property makes inter-node communication impossible This is fixed in 6.3 On Tue, Nov 1, 2016 at 8:44 AM, devanshic02 wrote: > > Hi > > I am facing same issue > I have a custom authentication plugin and it is calling admin/info/key when > the PKIAuthenticationPlugin is attempting to authenticate an inter-node > request. Can you let me know how you resolved the same > > > > -- > View this message in context: > http://lucene.472066.n3.nabble.com/Custom-authentication-plugin-inter-node-auth-tp4294675p4303933.html > Sent from the Solr - User mailing list archive at Nabble.com. -- - Noble Paul
Re: Custom authentication plugin & inter-node auth
Hi I am facing same issue I have a custom authentication plugin and it is calling admin/info/key when the PKIAuthenticationPlugin is attempting to authenticate an inter-node request. Can you let me know how you resolved the same -- View this message in context: http://lucene.472066.n3.nabble.com/Custom-authentication-plugin-inter-node-auth-tp4294675p4303933.html Sent from the Solr - User mailing list archive at Nabble.com.
Custom authentication plugin & inter-node auth
Hi We have just upgraded to 5.4.1 from 5.2.1 and have a custom authentication plugin class configured, which is using Spnego to validate user requests. Since there is now built-in support for inter-node authentication via the PKIAuthenticationPlugin we were expecting this to be activated by default since we're not implementing HttpClientInterceptorPlugin. However, we see that our authentication plugin is being called for requests to admin/info/key when the PKIAuthenticationPlugin is attempting to authenticate an inter-node request. We can modify our plugin to exclude the public key request, but this seems to be an implementation detail of the PKI auth that we shouldn't need to know about? I can see that the SolrAuth header isn't set on the request for the public key, which I can see is controlled by the PKIAuthenticationPlugin's HttpClientConfigurer. Am I missing something, or is it required that custom auth plugins handle the public key request as a special case? Regards Matt
Custom authentication plugin & inter-node auth
Hi We have just upgraded to 5.4.1 from 5.2.1 and have a custom authentication plugin class configured, which is using Spnego to validate user requests. Since there is now built-in support for inter-node authentication via the PKIAuthenticationPlugin we were expecting this to be activated by default since we're not implementing HttpClientInterceptorPlugin. However, we see that our authentication plugin is being called for requests to admin/info/key when the PKIAuthenticationPlugin is attempting to authenticate an inter-node request. We can modify our plugin to exclude the public key request, but this seems to be an implementation detail of the PKI auth that we shouldn't need to know about? I can see that the SolrAuth header isn't set on the request for the public key, which I can see is controlled by the PKIAuthenticationPlugin's HttpClientConfigurer. Am I missing something, or is it required that custom auth plugins handle the public key request as a special case? Regards Matt