[
https://issues.apache.org/jira/browse/HBASE-28489?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17834794#comment-17834794
]
Istvan Toth commented on HBASE-28489:
-------------------------------------
This works out of the box for SPNEGO.
It doesn't work for BASIC/simple.
The Knox BASIC->Kerberos auth translation case should also be good, as Knox
authenticates itself using SPENGO, and is expected to forward the cookie to the
client (the same works for Avatica).
The only case where a cookie is not sent is when the authentication type is
undefined.
We COULD define a handler for that, and set the cookie, but I cannot think of a
use case where that would be needed.
> Implement HTTP session support in REST server and client
> --------------------------------------------------------
>
> Key: HBASE-28489
> URL: https://issues.apache.org/jira/browse/HBASE-28489
> Project: HBase
> Issue Type: Improvement
> Components: REST
> Reporter: Istvan Toth
> Assignee: Istvan Toth
> Priority: Major
>
> The REST server (and java client) currently does not implement sessions.
> While is not necessary for the REST API to work, implementing sessions would
> be a big improvement in throughput and resource usage.
> * It would make load balancing with sticky sessions possible
> * It would save the overhead of performing authentication for each request
> The gains are particularly big when using SPENGO:
> * The full SPENGO handshake can be skipped for subsequent requests
> * When Knox performs SPENGO authentication for the proxied client, it access
> the identity store each time. When the session is set, this step is only
> perfomed on the initial request.
> The same change has resulted in spectacular performance improvements for
> Phoenix Query Server when implemented in Avatica.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
