You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@calcite.apache.org by "Josh Elser (JIRA)" <ji...@apache.org> on 2017/03/21 02:55:42 UTC

[jira] [Comment Edited] (CALCITE-1539) Enable proxy access to Avatica server for third party on behalf of end users

    [ https://issues.apache.org/jira/browse/CALCITE-1539?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15934005#comment-15934005 ] 

Josh Elser edited comment on CALCITE-1539 at 3/21/17 2:54 AM:
--------------------------------------------------------------

bq. One thing I am not clear is you suggested using RemoteUserExtractor extends Callable, what's the advantage here? 

It is just a simple Interface that already exists that gives us a {{T call() throws Exception}} method signature.

Oh, I see your confusion. Just don't create your own method. Make

{code}
+public interface RemoteUserExtractor extends Callable<HttpServletRequest> {
+  String extractRemoteUser(HttpServletRequest request);
+}
{code}

instead be

{code}
+public interface RemoteUserExtractor extends Callable<HttpServletRequest> {
+
+}
{code}

I don't think the intent of what users would need to do is ambiguous (given the interface name and the single method).


was (Author: elserj):
bq. One thing I am not clear is you suggested using RemoteUserExtractor extends Callable, what's the advantage here? 

It is just a simple Interface that already exists that gives us a {{T call() throws Exception}} method signature.

> Enable proxy access to Avatica server for third party on behalf of end users
> ----------------------------------------------------------------------------
>
>                 Key: CALCITE-1539
>                 URL: https://issues.apache.org/jira/browse/CALCITE-1539
>             Project: Calcite
>          Issue Type: Improvement
>          Components: avatica
>            Reporter: Jerry He
>            Assignee: Shi Wang
>         Attachments: 0001-CALCITE-1539-Enable-proxy-access-to-Avatica-server-f.patch, 0001-CALCITE-1539.patch, 0001-CALCITE-1539_without_testcase.patch
>
>
> We want to enable proxy access to Avatica server from an end user, but the end user comes in via a third party impersonation.  For example, Knox and Hue.
> The Knox server user conveys the end user to Avatica.
> Similar things have been done for HBase Rest Sever HBASE-9866 and Hive Server HIVE-5155



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)