[
https://issues.apache.org/jira/browse/CALCITE-2503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16596798#comment-16596798
]
ASF GitHub Bot commented on CALCITE-2503:
-----------------------------------------
Github user joshelser commented on the issue:
https://github.com/apache/calcite-avatica/pull/67
> Sure. Will do. Will be good if you can point me to that.
https://github.com/apache/calcite-avatica/tree/master/tck probably needs
some love already, but it's a start.
> If you were using TLS and not MTLS, you would not still find the issue.
This is a really corner case and very hard to get into unless we have a
specific use case :)
Ah, I was assuming that this would affect all cases with authn. Missed that
it was only for MTLS :)
> AvaticaCommonsHttpClientImpl client needs to set user-token on
> HttpClientContext before sending the request
> -----------------------------------------------------------------------------------------------------------
>
> Key: CALCITE-2503
> URL: https://issues.apache.org/jira/browse/CALCITE-2503
> Project: Calcite
> Issue Type: Improvement
> Reporter: Karan Mehta
> Assignee: Karan Mehta
> Priority: Major
> Attachments: CALCITE-2503.001.patch
>
>
> One of the Avatica client implementations, AvaticaCommonsHttpClientImpl, uses
> a PoolingHttpClientConnectionManager. When using mutual authentication on the
> client pool, we need to ensure that we are setting a user-token on the
> HttpClientContext, otherwise it ends up creating a new connection everytime
> and not reusing it. See:
> [https://hc.apache.org/httpcomponents-client-ga/tutorial/html/advanced.html]
> for more details
> This results in significant perf degradation since every new connection tries
> to complete a SSL handshake (which is expensive)
> See:
> https://stackoverflow.com/questions/548029/how-much-overhead-does-ssl-impose
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
