You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@phoenix.apache.org by "Josh Elser (JIRA)" <ji...@apache.org> on 2016/07/06 14:17:11 UTC
[jira] [Commented] (PHOENIX-3048) Wire up HTTP Basic/Digest
authentication from Avatica into PQS
[ https://issues.apache.org/jira/browse/PHOENIX-3048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15364367#comment-15364367 ]
Josh Elser commented on PHOENIX-3048:
-------------------------------------
I have staged things https://github.com/joshelser/phoenix/tree/PHOENIX-3048-pqs-simple-auth
Will circle back around after 4.8.0.
> Wire up HTTP Basic/Digest authentication from Avatica into PQS
> --------------------------------------------------------------
>
> Key: PHOENIX-3048
> URL: https://issues.apache.org/jira/browse/PHOENIX-3048
> Project: Phoenix
> Issue Type: Improvement
> Reporter: Josh Elser
> Assignee: Josh Elser
> Fix For: 4.9.0
>
>
> Had an ask last week about exposing the HTTP Basic and Digest authentication I put into Avatica 1.8.0.
> I avoided wiring it up because the Jetty-based configuration file properties aren't really a desirable solution for any security-minded organization (we need some integration with an external credentials management system, not a bunch of plain-text files laying around).
> However, until we get to that point, there may be some extra value seen in some simple username-password authentication that PQS can assert for cases when Kerberos isn't desirable (even with the flat-file approach).
> The trickiest part, I think, will just be getting the password sent around securely. I've been playing with a mock-up of this today. Will put up a prelim patch shortly.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)