[ https://issues.apache.org/jira/browse/SOLR-9541?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Hrishikesh Gadre updated SOLR-9541: ----------------------------------- Description: SOLR-7849 introduced PKI based authentication mechanism for internode communication. The main reason for introducing SOLR-7849 was, >> Relying on every Authentication plugin to secure the internode communication >> is error prone. At Cloudera we are using Kerberos protocol for all communication without any issues (i.e. between client/server as well as server/server). We should make this internode authentication mechanism configurable (with default as PKI based mechanism). This will allow users to decide the appropriate authentication mechanism based on their security requirements. was: SOLR-7849 introduced PKI based authentication mechanism for internode communication. The main reason for this feature (as per SOLR-7849) is, >> Relying on every Authentication plugin to secure the internode communication >> is error prone. At Cloudera we are using Kerberos protocol for all communication without any issues (i.e. between client/server as well as server/server). We should make this internode authentication mechanism configurable (with default as PKI based mechanism). This will allow users to decide the appropriate mechanism based on their security requirements. > Support configurable authentication mechanism for internode communication > ------------------------------------------------------------------------- > > Key: SOLR-9541 > URL: https://issues.apache.org/jira/browse/SOLR-9541 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Affects Versions: 5.3, 6.0 > Reporter: Hrishikesh Gadre > > SOLR-7849 introduced PKI based authentication mechanism for internode > communication. The main reason for introducing SOLR-7849 was, > >> Relying on every Authentication plugin to secure the internode > >> communication is error prone. > At Cloudera we are using Kerberos protocol for all communication without any > issues (i.e. between client/server as well as server/server). We should make > this internode authentication mechanism configurable (with default as PKI > based mechanism). This will allow users to decide the appropriate > authentication mechanism based on their security requirements. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org