Actually, it looks like Jetty might provide some implementation which
defers to JDBC for authentication. Let me look into that.

Josh Elser wrote:
.. but what mechanism could Avatica use to do this generically? Is there
a means to verify some credentials without trying to instantiate a
java.sql.Connection with the given user/password?

Julian Hyde wrote:
I agree with Sarnath about complexity. If I’m a user logging into
database X there’s no way you could persuade me that I need to have a
set of credentials for the network hop and another for the database.
If the database uses basic authentication user name ‘scott’ password
‘tiger’, and the person who configured the Avatica server said use
basic authentication, then Avatica should use the same credentials.
Yes, it’s not very secure, but hey, that’s basic authentication.
Julian

On Mar 29, 2016, at 6:49 AM, Josh Elser <[email protected]> wrote:
Just to make sure it's clear, the credentials would have to be
duplicated elsewhere presently (e.g. in a properties file that Jetty
can read). Maybe there's a JDBC API that the Avatica server could
hook directly into to avoid such credential duplication?

Sarnath wrote:
The extra pair adds additional complexity... I think it is better to go
with underlying database creds.. Or better provide a hook to interested
users who want separate creds...