Problem

Some deployments need per-connection authentication against the result database (e.g. AWS RDS IAM auth, HashiCorp Vault short-lived tokens, JWT injection). SQLAlchemy supports this via do_connect event listeners, but there is currently no hook to register them on the engine Celery creates.

Proposed solution

Add an engine_callback parameter to SessionManager and a database_engine_callback config setting on DatabaseBackend. The callback receives the engine immediately after creation, before any connections are made.

Fixed by #10135