Josh Elser created PHOENIX-3048:
-----------------------------------
Summary: Wire up HTTP Basic/Digest authentication from Avatica
into PQS
Key: PHOENIX-3048
URL: https://issues.apache.org/jira/browse/PHOENIX-3048
Project: Phoenix
Issue Type: Improvement
Reporter: Josh Elser
Assignee: Josh Elser
Fix For: 4.9.0
Had an ask last week about exposing the HTTP Basic and Digest authentication I
put into Avatica 1.8.0.
I avoided wiring it up because the Jetty-based configuration file properties
aren't really a desirable solution for any security-minded organization (we
need some integration with an external credentials management system, not a
bunch of plain-text files laying around).
However, until we get to that point, there may be some extra value seen in some
simple username-password authentication that PQS can assert for cases when
Kerberos isn't desirable (even with the flat-file approach).
The trickiest part, I think, will just be getting the password sent around
securely. I've been playing with a mock-up of this today. Will put up a prelim
patch shortly.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
