[
https://issues.apache.org/jira/browse/CALCITE-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16483062#comment-16483062
]
ASF GitHub Bot commented on CALCITE-2294:
-----------------------------------------
Github user joshelser commented on a diff in the pull request:
https://github.com/apache/calcite-avatica/pull/48#discussion_r189713942
--- Diff:
server/src/main/java/org/apache/calcite/avatica/server/HttpServer.java ---
@@ -239,18 +239,8 @@ protected void internalStart() {
server.setConnectors(new Connector[] { connector });
// Default to using the handler that was passed in
- final HandlerList handlerList = new HandlerList();
- Handler avaticaHandler = handler;
-
- // Wrap the provided handler for security if we made one
- if (null != securityHandler) {
- securityHandler.setHandler(handler);
- avaticaHandler = securityHandler;
- }
+ configureHandlers(securityHandler);
--- End diff --
I like your suggestion, @apurtell! I was a bit reticent to suggest that as,
like you imply, it's a bit more work to set up all of those handlers on your
own. However, this would also fit nicely into the work that @aaraujo has
already done (the parameterized Jetty-specific stuff for the `Builder` class).
I think that providing "well-known authentication scenarios" is a nice
thing that we can do (e.g. basic, digest, spengo), and then leave `CUSTOM` for
the "let me drive" scenario where you set it all up yourself.
I'm still a bit curious if there's another "nicer" abstraction we could
provide from an API perspective that isn't full CUSTOM. For example, are there
more abstractions which would help us put the boilerplate into the
HttpServer.Builder and let you inject your SFDC specific authn/authz decisions?
I am just a little ignorant on the specifics of how your SFDC-specific thing
works. You can also just tell me to drop it and I'll stop poking :)
> Allow customization for AvaticaServerConfiguration for plugging new
> authentication mechanisms
> ---------------------------------------------------------------------------------------------
>
> Key: CALCITE-2294
> URL: https://issues.apache.org/jira/browse/CALCITE-2294
> Project: Calcite
> Issue Type: Improvement
> Components: avatica
> Reporter: Karan Mehta
> Priority: Major
>
> {{AvaticaServerConfiguration}} is currently only created if authentication
> mechanism such as {{BASIC, DIGEST or SPNEGO}} is provided. We can change it
> to a builder pattern to create this object and provide a way for users to
> plugin their own security configuration.
> An example here can be using it for custom config that supports MTLS.
> Thanks [~alexaraujo] for suggesting this approach.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
