a2l007 commented on issue #8931: Make DruidAvaticaHandler extensible to support auth on mTLS JDBC requests URL: https://github.com/apache/incubator-druid/issues/8931#issuecomment-559602894 @jon-wei My initial plan was to keep AvaticaHandler extensions separate from the Authenticators. But it might be better to just override `isUserPermitted` in `DruidAvaticaHandler` and this would call a new method say `authenticateJDBCRequest(HttpServletRequest clientRequest)` in the Authenticator. The auth result can then be pushed to the request context that can be used for authorization later on. So the end user would only have to implement a new method within their existing authenticators which would handle the jdbc requests. `authenticateJDBCRequest` can eventually replace `authenticateJDBCContext` since it would be possible to extract the context from the request itself. Please let me know if you feel there is a better way to do this.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
