You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@lucene.apache.org by "Alexandre Rafalovitch (JIRA)" <ji...@apache.org> on 2017/03/01 02:52:45 UTC

[jira] [Commented] (SOLR-9516) New UI doesn't work when Kerberos is enabled

    [ https://issues.apache.org/jira/browse/SOLR-9516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15889399#comment-15889399 ] 

Alexandre Rafalovitch commented on SOLR-9516:
---------------------------------------------

I am looking at: https://cwiki.apache.org/confluence/display/solr/Kerberos+Authentication+Plugin
It says:
{quote}
In order for your browser to access the Solr Admin UI after enabling Kerberos authentication, it must be able to negotiate with the Kerberos authenticator service to allow you access. Each browser supports this differently, and some (like Chrome) do not support it at all. If you see 401 errors when trying to access the Solr Admin UI after enabling Kerberos authentication, it's likely your browser has not been configured properly to know how or where to negotiate the authentication request.

Detailed information on how to set up your browser is beyond the scope of this documentation; please see your system administrators for Kerberos for details on how to configure your browser.
{quote}

Are we - absolutely - sure that the exact same setup works with the old UI? Could we get full browser/network traces for a request made from old UI and from New UI? Preferably while the backend is actually running with full TRACE log.

> New UI doesn't work when Kerberos is enabled
> --------------------------------------------
>
>                 Key: SOLR-9516
>                 URL: https://issues.apache.org/jira/browse/SOLR-9516
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: Admin UI
>            Reporter: Ishan Chattopadhyaya
>              Labels: javascript, newdev, security
>         Attachments: QQ20161012-0.png, Screenshot from 2016-09-15 07-36-29.png
>
>
> It seems resources like http://solr1:8983/solr/libs/chosen.jquery.js encounter 403 error:
> {code}
> 2016-09-15 02:01:45.272 WARN  (qtp611437735-18) [   ] o.a.h.s.a.s.AuthenticationFilter Authentication exception: GSSException: Failure unspecified at GSS-API level (Mechanism level: Request is a replay (34))
> {code}
> The old UI is fine.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org