Hi Jordan, I was testing with the example code in the Apache Arrow Rust repo: https://github.com/apache/arrow-rs/blob/master/arrow-flight/examples/flight_sql_server.rs
To the best of my knowledge, it returns a token in the payload. I can see in ngrep that do_handshake is called and this is what it returns: let result = HandshakeResponse { protocol_version: 0, payload: FAKE_TOKEN.into(), }; let result = Ok(result); let output = futures::stream::iter(vec![result]); return Ok(Response::new(Box::pin(output))); In the Java code it looks like the authorization header is not part of the metadata that is passed: No authorization header! metadata = MetadataMap { headers: {"content-type": "application/grpc", "te": "trailers", "user-agent": "grpc-java-netty/1.60.0", "username": "admin", "grpc-accept-encoding": "gzip"} } I logged the metadata on the Rust side and the authorization header was missing indeed. IN the Netty logs it looks like the right Basic auth is passed in on getConnection, and the token comes back fine: 10:50:53.890 [grpc-nio-worker-ELG-1-2] DEBUG cfjd.io.grpc.netty.NettyClientHandler -- [id: 0x53dab587, L:/127.0.0.1:59757 - R:/127.0.0.1:50050] OUTBOUND HEADERS: streamId=3 headers=GrpcHttp2OutboundHeaders[:authority: 0.0.0.0:50050, :path: /arrow.flight.protocol.FlightService/Handshake, :method: POST, :scheme: http, content-type: application/grpc, te: trailers, user-agent: grpc-java-netty/1.60.0, username: admin, grpc-accept-encoding: gzip, authorization: Basic YWRtaW46cGFzc3dvcmQ=] streamDependency=0 weight=16 exclusive=false padding=0 endStream=false 10:50:53.895 [grpc-nio-worker-ELG-1-2] DEBUG cfjd.io.grpc.netty.NettyClientHandler -- [id: 0x53dab587, L:/127.0.0.1:59757 - R:/127.0.0.1:50050] OUTBOUND DATA: streamId=3 padding=0 endStream=true length=5 bytes=0000000000 10:50:53.898 [grpc-nio-worker-ELG-1-2] DEBUG cfjd.io.grpc.netty.NettyClientHandler -- [id: 0x53dab587, L:/127.0.0.1:59757 - R:/127.0.0.1:50050] INBOUND HEADERS: streamId=3 headers=GrpcHttp2ResponseHeaders[:status: 200, content-type: application/grpc, date: Thu, 18 Apr 2024 15:50:53 GMT] padding=0 endStream=false 10:50:53.899 [grpc-nio-worker-ELG-1-2] DEBUG cfjd.io.grpc.netty.NettyClientHandler -- [id: 0x53dab587, L:/127.0.0.1:59757 - R:/127.0.0.1:50050] INBOUND DATA: streamId=3 padding=0 endStream=false length=17 bytes=000000000c120a757569645f746f6b656e Subsequent calls in the JDBC/Netty log don't show the authorization header. On Wed, Apr 17, 2024 at 2:16 PM Istvan Fodor <i...@istvanfodor.com> wrote: > Hi All, > > I am trying to write a basic example of a Java/JDBC code querying from the > Arrow Rust example implementation of the Arrow Flight SQL server ( > https://github.com/apache/arrow-rs/blob/master/arrow-flight/examples/flight_sql_server.rs). > My impression was that based on the interoperability goals of the Arrow > project, these should work together just fine. > > It turns out the in my Java code, I can authenticate (getConnection()) > fine against the Rust server. User/password goes in, and a token comes > back, but subsequent calls (executeQuery() for example) don't include the > authorization token at all (it should look like authorization=Bearer > <token>), whereas I expected the token to just propagate to subsequent > calls as it should. > > I am using the 15.0.2 flight-sql-jdbc-driver. Any ideas what my issue > could be? Is there any extra setup that we need to do to get JDBC + Basic > auth to work besides supplying user and password parameters? > > Thanks, > Istvan Fodor >