commit | c3a9192347b4354337a906838499ff25236d63bc | [log] [tgz] |
---|---|---|
author | Josh Elser <elserj@apache.org> | Thu Dec 31 23:28:15 2020 -0500 |
committer | Josh Elser <josh.elser@gmail.com> | Fri Oct 29 13:08:50 2021 -0400 |
tree | 0b6740ae952927211d6830f4a0a2b6f4626d5600 | |
parent | 95c1eb06ecb9dbc85de6d12142b013271965c594 [diff] |
[CALCITE-4152] Upgrade Avatica to use the configurable SPNEGO Jetty implementation Jetty has deprecated the previously-used version of SPNEGO login code. This change requires a few other changes to adopt: 1. Removal of automatic server login via JAAS (Jetty removed this and expects explicit logins for the server). 2. Separation of Authentication and Authorization (we're required to use a LoginService for authz to use the new SPNEGO authentication). For the benefit of making this change, we automatically inherit the Jetty Session logic which can skip SPNEGO authentication for the 2nd to Nth call to Avatica. For a "workload" which previously took N HTTP calls to Avatica to perform, this can now be done in (N/2)+1 HTTP calls which, for average Avatica calls, results in a nearly 2x speed-up. Jetty Sessions will cause a JSESSIONID cookie to be sent back on the successful SPNEGO authentication handshake. As long as the client resubmits this cookie for subsequent requests, the identity of the client is kept intact. To test this more easily, this change also includes updates to the Avatica StandaloneServer, which more easily enables setup of Avatica against any database (e.g. hsqldb with the SCOTT dataset).
Apache Calcite's Avatica is a framework for building database drivers.
Avatica is a sub-project of Apache Calcite.
For more details, see the home page.
Release notes for all published versions are available on the history page.