Hi,

I'm discovering Calcite after a customer asked me to enhance a proof of concept 
they made with it.

I could get most things to work as needed and am very impressed with the 
possibilities offered.  But completely stuck on a critical point : I can't find 
any hint on how to manage authentication and authorization of users - sorry if 
information is available and I somehow missed it, but I did my best to research 
it.

The customer needs to allow access only to certain schemas or tables (or 
columns as a bonus) based on user role.

Do you know of any standard way to implement this ? Ideally I would need to 
implement it as low as possible in the stack as I'd like to use the same 
authorization process for both front-end users and users connecting through the 
Avatica JDBC driver.

With my still limited knowledge of Calcite, the only "off the shelf" solution I 
could find is to create one Calcite model per role and start one Avatica server 
per model. Obviously I'm not very proud of this one as it's not really scalable 
nor elegant and there has to be a better solution.

Any hint to point me in the right direction would be hugely appreciated as I 
would need the same for future projects.



Of course if some development is needed to implement this in Calcite this could 
be an opportunity to contribute to the project.



Many thanks in advance and best regards,



Joachim


Reply via email to