You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by GitBox <gi...@apache.org> on 2021/10/20 12:36:39 UTC

[GitHub] [solr-operator] janhoy commented on issue #331: Support JWT authentication

janhoy commented on issue #331:
URL: https://github.com/apache/solr-operator/issues/331#issuecomment-947622521


   Looks like tehre is some traction on https://github.com/apache/solr/pull/355 which could be a workaround for operator, exporter, bin/solr etc.
   
   Only worry I have is for some orgs that deem BasicAuth not secure enough that they don't want to enable it at all. So I wonder if it makes sense to introduce an IP-address allowlist to BasicAuth, so you can explicitly allow those servers on the network that need access. I realize this may be hard in k8s where IPs can change any time. I don't know if it is a valid concern though.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org