[ 
https://issues.apache.org/jira/browse/CALCITE-3384?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16941742#comment-16941742
 ] 

István Tóth edited comment on CALCITE-3384 at 10/10/19 11:01 AM:
-----------------------------------------------------------------

The patch mostly just reshuffles existing code.

There are some minor differences in behaviour though:
 * I have removed the explicit check that disables HTTPS SPNEGO from the server 
side
 * -I have removed the keystore password checks, so now unprotected keystores 
are not rejected outright-
 * If avatica.http.spnego.max_cached and avatica.http.spnego.max_per_route are 
not set, they default to avatica.pooled.connections.max and 
avatica.pooled.connections.per.route respectively (which in turn default to the 
same values that the SPENGO specific parameters used to default to)

cc [~elserj]


was (Author: stoty):
The patch mostly just reshuffles existing code.

There are some minor differences in behaviour though:
 * I have removed the explicit check that disables HTTPS SPNEGO from the server 
side
 * I have removed the keystore password checks, so now unprotected keystores 
are not rejected outright
 * If avatica.http.spnego.max_cached and avatica.http.spnego.max_per_route are 
not set, they default to avatica.pooled.connections.max and 
avatica.pooled.connections.per.route respectively (which in turn default to the 
same values that the SPENGO specific parameters used to default to)

cc [~elserj]

> Support Kerberos-authentication using SPNEGO over HTTPS
> -------------------------------------------------------
>
>                 Key: CALCITE-3384
>                 URL: https://issues.apache.org/jira/browse/CALCITE-3384
>             Project: Calcite
>          Issue Type: Improvement
>    Affects Versions: avatica-1.16.0
>            Reporter: István Tóth
>            Assignee: István Tóth
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> Avatica supports both HTTPS connections, and kerberos authentication using 
> SPNEGO, but not both at same.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to