[
https://issues.apache.org/jira/browse/CALCITE-1173?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Josh Elser resolved CALCITE-1173.
---------------------------------
Resolution: Fixed
Added in
https://git1-us-west.apache.org/repos/asf?p=calcite.git;a=commit;h=37ed160f423b6c95cecd1b8f9ab4a2a2d220057f
Per discussion on the mailing list, basic and digest auth are added *only*
intended for use when database auth is not being used. As such, they are
completely disjoint from the traditional JDBC authentication properties
({{user}} and {{password}}). See the documentation updates for a full overview
of the feature.
This can serve as a first implementation if nothing else. The APIs to make the
authentication implementations pluggable are there as a part of these changes.
If a better solution exists, we can certainly swap out the backend for whatever.
> Basic and Digest authentication
> -------------------------------
>
> Key: CALCITE-1173
> URL: https://issues.apache.org/jira/browse/CALCITE-1173
> Project: Calcite
> Issue Type: Sub-task
> Components: avatica
> Reporter: Josh Elser
> Assignee: Josh Elser
> Fix For: avatica-1.8.0
>
>
> Started working on a prototype over the weekend (building on top of the
> SPNEGO auth work) which supports HTTP
> [Basic|https://en.wikipedia.org/wiki/Basic_access_authentication] and
> [Digest|https://en.wikipedia.org/wiki/Digest_access_authentication]
> authentication.
> Basic is the "dirt-simple" approach, but insecure (unless TLS is introduced).
> Digest is similarly simple (compared to Kerberos, anyways), but doesn't
> require wire encryption to protect against malicious third-parties.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
