[
https://issues.apache.org/jira/browse/CALCITE-3384?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16941742#comment-16941742
]
István Tóth commented on CALCITE-3384:
--------------------------------------
The patch mostly just reshuffles existing code.
There are some minor differences in behaviour though:
* I have removed the explicit check that disables HTTPS SPNEGO from the server
side
* I have removed the keystore password checks, so now unprotected keystores
are not rejected outright
* If avatica.http.spnego.max_cached and avatica.http.spnego.max_per_route are
not set, they default to avatica.pooled.connections.max and
avatica.pooled.connections.per.route respectively (which in turn default to the
same values that the SPENGO specific parameters used to default to)
cc [~elserj]
> Support Kerberos-authentication using SPNEGO over HTTPS
> -------------------------------------------------------
>
> Key: CALCITE-3384
> URL: https://issues.apache.org/jira/browse/CALCITE-3384
> Project: Calcite
> Issue Type: Improvement
> Affects Versions: avatica-1.16.0
> Reporter: István Tóth
> Priority: Major
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Avatica supports both HTTPS connections, and kerberos authentication using
> SPNEGO, but not both at same.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
