Hi Som, There are some examples in the unit tests of wiring up HTTP basic and digest authentication via the provided Jetty implementations. These aren't super useful in the real world (because our authentication database is rarely a flat file).
There is a fine line between things we can cleanly do in Avatica versus scope creep. For example, projects like Apache Knox have a gateway whose sole purpose is to proxy RESTful services and provide authentication to them. I think as long as providing "batteries-included" authentication for Avatica doesn't detract for its core mission (proxied JDBC over HTTP), then it would be a fine addition. One other concern I have is exposing Jetty-specific functionality via Avatica public API. Because we cannot control Jetty API, we should not have any Jetty classes in our public API. Karan had added some ServerCustomizer logic in CALCITE-2294 which attempted to expose the ability to configure Avatica for mTLS without polluting our API as an example. I'd expect you could take a similar approach. On Mon, Nov 11, 2019 at 3:54 PM Soman Ullah <somanul...@gmail.com> wrote: > > Hello everyone, > Are there any implementations of AbstractAvaticaHandler which provides a > method to add a custom servlet filter? I would like to add authentication > based filters to requests that flow through the avatica driver. > If this feature doesnt exist, is the community open towards accepting that > as a feature? > > Thanks, > Som