The solution would be probably a policy file shipped with Solr that allows the ZK jar to create a logincontext. I suggest that Solr ships it otherwise one would need to adapt it for every Solr update manually to include the version of the ZK jar.
On Thu, Jul 16, 2020 at 8:15 PM Jörn Franke <jornfra...@gmail.com> wrote: > I believe it is a bug in Solr because we need to create a policy to allow > creating a login context: > See here chapter "Running the Code with a Security Manager" > > http://www.informatik.hs-furtwangen.de/doku/java/j2sdk-1_4_1-doc/guide/security/jaas/tutorials/LoginConfigFile.html > > Please confirm and I will create a JIRA issue for Solr > > On Thu, Jul 16, 2020 at 8:06 PM Jörn Franke <jornfra...@gmail.com> wrote: > >> Hallo, >> >> I am using Solr 8.6.0. >> When activating the Java security manager then Solr cannot use anymore >> the jaas-client conf specified via java.security.auth.login.conf with >> Zookeeper. We have configured Kerberos authentication for Zookeeper. >> When disabling java security manager it works perfectly fine. >> >> The exact error message is : „No JAAS configuration section named >> 'Client' was found“. Somehow it seems that the Java security manager blocks >> access to that file . >> The directory for the file is in the -Dsolr.allowPaths >> Could this be a bug or is it a misconfiguration? >> >> >> Thank you. >> >> Best regards > >
