Hi We have just upgraded to 5.4.1 from 5.2.1 and have a custom authentication plugin class configured, which is using Spnego to validate user requests.
Since there is now built-in support for inter-node authentication via the PKIAuthenticationPlugin we were expecting this to be activated by default since we're not implementing HttpClientInterceptorPlugin. However, we see that our authentication plugin is being called for requests to admin/info/key when the PKIAuthenticationPlugin is attempting to authenticate an inter-node request. We can modify our plugin to exclude the public key request, but this seems to be an implementation detail of the PKI auth that we shouldn't need to know about? I can see that the SolrAuth header isn't set on the request for the public key, which I can see is controlled by the PKIAuthenticationPlugin's HttpClientConfigurer. Am I missing something, or is it required that custom auth plugins handle the public key request as a special case? Regards Matt