Cloudera Search Authentication
When authentication is enabled, only specified hosts and users can connect to Solr. Authentication also verifies that clients connect to legitimate servers. This feature prevents spoofing such as impersonation and man-in-the-middle attacks. Search supports Kerberos and LDAP authentication.
Cloudera Search supports a variety of combinations of authentication
protocols:
| Solr Authentication | Use Case |
|---|---|
| No authentication | Insecure cluster |
| Kerberos only | The Hadoop cluster has Kerberos turned on and every user (or client) connecting to Solr has a Kerberos principal. |
| Kerberos and LDAP | The Hadoop cluster has Kerberos turned on. External Solr users (or clients) do not have Kerberos principals but do have identities in the LDAP server. Client authentication using LDAP requires that Kerberos is enabled for the cluster. Using LDAP alone is not supported. |
