[jira] [Updated] (SOLR-9541) Support configurable authentication mechanism for internode communication

[Hrishikesh Gadre (JIRA)]

     [ 
https://issues.apache.org/jira/browse/SOLR-9541?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Hrishikesh Gadre updated SOLR-9541:
-----------------------------------
    Description: 
SOLR-7849 introduced PKI based authentication mechanism for internode 
communication. The main reason for introducing SOLR-7849 was,

>> Relying on every Authentication plugin to secure the internode communication 
>> is error prone. 

At Cloudera we are using Kerberos protocol for all communication without any 
issues (i.e. between client/server as well as server/server). We should make 
this internode authentication mechanism configurable (with default as PKI based 
mechanism). This will allow users to decide the appropriate authentication 
mechanism based on their security requirements.

  was:
SOLR-7849 introduced PKI based authentication mechanism for internode 
communication. The main reason for this feature (as per SOLR-7849) is,

>> Relying on every Authentication plugin to secure the internode communication 
>> is error prone. 

At Cloudera we are using Kerberos protocol for all communication without any 
issues (i.e. between client/server as well as server/server). We should make 
this internode authentication mechanism configurable (with default as PKI based 
mechanism). This will allow users to decide the appropriate mechanism based on 
their security requirements.


> Support configurable authentication mechanism for internode communication
> -------------------------------------------------------------------------
>
>                 Key: SOLR-9541
>                 URL: https://issues.apache.org/jira/browse/SOLR-9541
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>    Affects Versions: 5.3, 6.0
>            Reporter: Hrishikesh Gadre
>
> SOLR-7849 introduced PKI based authentication mechanism for internode 
> communication. The main reason for introducing SOLR-7849 was,
> >> Relying on every Authentication plugin to secure the internode 
> >> communication is error prone. 
> At Cloudera we are using Kerberos protocol for all communication without any 
> issues (i.e. between client/server as well as server/server). We should make 
> this internode authentication mechanism configurable (with default as PKI 
> based mechanism). This will allow users to decide the appropriate 
> authentication mechanism based on their security requirements.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org