lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Davids <sdav...@gmail.com>
Subject Re: Inquiry for Solr Cloud Authentication
Date Tue, 24 Jan 2017 16:57:39 GMT
Don't let "basic auth" without SSL think there is inherent security, if
someone has access to the network it is trivial to sniff network traffic
and pickup the username/password (as noted in the caveats section
<https://cwiki.apache.org/confluence/display/solr/Basic+Authentication+Plugin>).
There is a little more overhead for setting up SSL connections but as long
as there is keep-alives it's not too big of a penalty. Another option could
be using two-way SSL for authentication purposes.

-Steve

On Fri, Jan 20, 2017 at 1:00 AM, Byunghoon Lim <seian.hoon@gmail.com> wrote:

> Hi Ishan! Thanks for the advice :) I will try it.
>
> Best,
> Hoon
>
> Regards,
> Hoon
>
> On Fri, Jan 20, 2017 at 11:55 AM, Ishan Chattopadhyaya <
> ichattopadhyaya@gmail.com> wrote:
>
>> Basic auth should have the best performance (almost negligible difference
>> between unsecured and secured). Also, you could try delegation tokens
>> support.
>>
>> On Fri, Jan 20, 2017 at 7:41 AM, Byunghoon Lim <seian.hoon@gmail.com>
>> wrote:
>>
>>> Hi! I am Hoon who is running a Solr cluster on production.
>>>
>>> I am considering adding an authentication for Solr Cloud using like
>>> Basic Authentication plugin. Here, my concern is, if I bring the
>>> authentication plugin to the cluster, how much latency will increase or
>>> affected.
>>>
>>> Is there any results or data for the performance?
>>> or, please let me know the best authentication plugin which doesn't
>>> affect latency.
>>>
>>> Thanks in advance.
>>>
>>> Best,
>>> Hoon
>>>
>>
>>
>

Mime
View raw message