jon-wei commented on issue #8931: Make DruidAvaticaHandler extensible to support auth on mTLS JDBC requests URL: https://github.com/apache/incubator-druid/issues/8931#issuecomment-561386021 @a2l007 The Authenticators can provide a servlet Filter, would it it be possible to pass the `HttpServletRequest` from `AbstractAvaticaHandler.isUserPermitted` into those Filters? What would the mTLS authentication check look like? (Would it just be pulling the identity from the client certificate, since the TLS negotiation would've checked the certificates by then?)
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
