Support Questions
Find answers, ask questions, and share your expertise

Is it necessary to use a keytab for user HTTP when kerberizing Solr?

Is it necessary to use a keytab for user HTTP when kerberizing Solr?

New Contributor

All guides describing how to kerberize Apache Solr say that the HTTP-user has to be used as principal and that a keytab for user HTTP has to be created. Can you say why? Is it possible to use a different user?

1 REPLY 1
Highlighted

Re: Is it necessary to use a keytab for user HTTP when kerberizing Solr?

Contributor

@Johannes Peter The Kerberos plugin uses SPNego to negotiate authentication. HTTP indicates the type of requests which this service principal will be used to authenticate. The HTTP/ in the service principal is a must for SPNego to work with requests to Solr over HTTP.

Don't have an account?