[jira] [Commented] (CALCITE-2294) Allow customization for AvaticaServerConfiguration for plugging new authentication mechanisms

Mon, 21 May 2018 09:01:23 -0700 

    [ 
https://issues.apache.org/jira/browse/CALCITE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16482661#comment-16482661
 ] 

ASF GitHub Bot commented on CALCITE-2294:
-----------------------------------------

Github user joshelser commented on a diff in the pull request:

    https://github.com/apache/calcite-avatica/pull/48#discussion_r189632752
  
    --- Diff: 
server/src/main/java/org/apache/calcite/avatica/server/HttpServer.java ---
    @@ -239,18 +239,8 @@ protected void internalStart() {
         server.setConnectors(new Connector[] { connector });
     
         // Default to using the handler that was passed in
    -    final HandlerList handlerList = new HandlerList();
    -    Handler avaticaHandler = handler;
    -
    -    // Wrap the provided handler for security if we made one
    -    if (null != securityHandler) {
    -      securityHandler.setHandler(handler);
    -      avaticaHandler = securityHandler;
    -    }
    +    configureHandlers(securityHandler);
    --- End diff --
    
    At this point, `securityHandler` is null because you don't have a case 
statement for `CUSTOM` a few lines above.
    
    This means that your CUSTOM AuthenticationType is obtusely "unimplemented". 
There isn't any clarity in here for me to know what security methods on the 
`AvaticaServerConfiguration` will actually have effect, and which will not.
    
    For example, I may try to configure the login realm via the `ASC`, but I 
don't think that would actually be interrogated. When constructing the Jetty 
server.


> Allow customization for AvaticaServerConfiguration for plugging new 
> authentication mechanisms
> ---------------------------------------------------------------------------------------------
>
>                 Key: CALCITE-2294
>                 URL: https://issues.apache.org/jira/browse/CALCITE-2294
>             Project: Calcite
>          Issue Type: Improvement
>          Components: avatica
>            Reporter: Karan Mehta
>            Priority: Major
>
> {{AvaticaServerConfiguration}} is currently only created if authentication 
> mechanism such as {{BASIC, DIGEST or SPNEGO}} is provided. We can change it 
> to a builder pattern to create this object and provide a way for users to 
> plugin their own security configuration.
> An example here can be using it for custom config that supports MTLS.
> Thanks [~alexaraujo] for suggesting this approach.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to