Support Questions

Find answers, ask questions, and share your expertise
Check out our newest addition to the community, the Cloudera Data Analytics (CDA) group hub.

Is it necessary to use a keytab for user HTTP when kerberizing Solr?

New Contributor

All guides describing how to kerberize Apache Solr say that the HTTP-user has to be used as principal and that a keytab for user HTTP has to be created. Can you say why? Is it possible to use a different user?



@Johannes Peter The Kerberos plugin uses SPNego to negotiate authentication. HTTP indicates the type of requests which this service principal will be used to authenticate. The HTTP/ in the service principal is a must for SPNego to work with requests to Solr over HTTP.

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.