amir-bashir opened a new issue, #40628:
URL: https://github.com/apache/arrow/issues/40628
### Describe the usage question you have. Please include as many useful
details as possible.
I have implemented flight sql server with code snippet below.
```
try (final BufferAllocator allocator = example.rootAllocator; final
FlightServer server
= FlightServer.builder(allocator, listenLocation, example)
.useTls(certificate,
priveteKey)
.headerAuthenticator(example.callHeaderInfo)
.build()) {
server.start();
server.awaitTermination();
}
```
Here I am using headerAuthenticator to read username/password information
from header.
When I connect to my flight sql server using below python code,
authentication method receives both username and password as expected.
```
with flight_sql.connect(uri="grpc+tls://192.168.140.77:32222",
db_kwargs={
"adbc.flight.sql.rpc.call_header.username": "datalake",
"adbc.flight.sql.rpc.call_header.password": "DataLake@2023",
"adbc.flight.sql.client_option.tls_skip_verify": "true"
}
) as conn:
with conn.cursor() as cur:
cur.execute("SELECT * FROM postgresql.public.patients limit 100")
```
When I use the following code to connect to same server from jdbc client,
Incoming Headers do not contain password.
Can you please guide how I can fix this issue.
```
final Properties properties = new Properties();
properties.put("USERNAME", "admin");
properties.put("PASSWORD", "admin");
properties.put("useEncryption", 1);
properties.put("disableCertificateVerification", true);
try {
Connection connection =
DriverManager.getConnection("jdbc:arrow-flight-sql://localhost:32222/",
properties);
} catch (SQLException ex) {
}
```
Below is my authenticate method for reference.
```
@Override
public CallHeaderAuthenticator.AuthResult authenticate(CallHeaders
incomingHeaders) {
if (incomingHeaders.containsKey("authorization")) {
String authEncoded = "";
if
(incomingHeaders.toString().toLowerCase().contains("basic")) {
authEncoded = AuthUtilities.getValueFromAuthHeader(
incomingHeaders, Auth2Constants.BASIC_PREFIX);
String authDecoded = new
String(Base64.getDecoder().decode(authEncoded), StandardCharsets.UTF_8);
int colonPos = authDecoded.indexOf(':');
if (colonPos != -1) {
username = authDecoded.substring(0, colonPos);
password = authDecoded.substring(colonPos + 1);
LOGGER.info("authenticating user '" + username +"'
using basic authentication");
}
} else if
(incomingHeaders.toString().toLowerCase().contains("bearer")) {
JWTToken = AuthUtilities.getValueFromAuthHeader(
incomingHeaders, Auth2Constants.BEARER_PREFIX);
LOGGER.info("authenticating using bearer token");
}
} else if(incomingHeaders.containsKey("token")){
JWTToken = incomingHeaders.get("token");
LOGGER.info("authenticating using jwt token in custom header
call");
} else if(incomingHeaders.containsKey("username")) {
username = incomingHeaders.get("username");
password = incomingHeaders.get("password");
LOGGER.info("authenticating user '" + username +"' using
username/password in custom header call");
}
else if(!incomingHeaders.containsKey("username") &&
!incomingHeaders.containsKey("authorization")
&&
!incomingHeaders.get("user-agent").toLowerCase().contains("grpc-java-netty") &&
JWTToken == null) {
username = null;
password = null;
JWTToken = null;
LOGGER.info("both username and token are null. please
provide either username or token");
throw CallStatus.UNAUTHENTICATED.toRuntimeException();
}
defaultCatalog = incomingHeaders.get("catalog");
return () -> {
if (JWTToken != null) {
return JWTToken;
} else {
return username + "&password" + password;
}
};
}
```
### Component(s)
Java
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
