Password credential pass-through#

The password credential pass-through feature guarantees that the data PrestoSQL accesses is the same as the data available to a user who has direct access to the data source. This allows you to authenticate using the CLI or client application with the JDBC or ODBC driver. The supplied credentials are passed through PrestoSQL and the connector to the underlying data source.

It requires that the data source and PrestoSQL use the same authentication backend using the same credentials. A common example is an LDAP system such as Active Directory.

Configuration#

To enable, include DELEGATED-PASSWORD in the config.properties file:

http-server.authentication.type=DELEGATED-PASSWORD

Typically, multiple authentication types are used and must be configured as comma separated values:

http-server.authentication.type=PASSWORD,DELEGATED-PASSWORD

Update the catalog file, as needed by the connector, to enable password credential pass-through:

<connector_name>.authentication.type=PASSWORD_PASS_THROUGH