Hello,
I'd like to connect to an external (Teradata) database with zeppelin, using
%jdbc interpretor.
Here is my context:
- The user is logged in to zeppelin using a LDAP account known in the Hadoop
context, not the database
- The user is impersonified for spark operation using "sudo" commands from the
zeppelin account to the user
- The user has its own user/password (separate from the Hadoop LDAP one) to
connect to teradata
If I put an hard-coded "user/password" in the %jdbc interpreter configuration,
it works, but I can't do it for security reasons:
- no user impersonate= system account usage = no linkage, no permission check
(choice between full access to everyone to anything or minimal access to
everyone...)
- unencrypted critical system password storage
A solution that I can imagine would be for instance:
- to support something like ${ZEPPELIN_IMPERSONATE_USER} for default.user value
- to be prompted for the password when the per-user interpreter starts, and
keep the password in memory only
Do you have a solution that could work with v0.7.3 ?
Best regards,
Arnaud
________________________________
L'intégrité de ce message n'étant pas assurée sur internet, la société
expéditrice ne peut être tenue responsable de son contenu ni de ses pièces
jointes. Toute utilisation ou diffusion non autorisée est interdite. Si vous
n'êtes pas destinataire de ce message, merci de le détruire et d'avertir
l'expéditeur.
The integrity of this message cannot be guaranteed on the Internet. The company
that sent this message cannot therefore be held liable for its content nor
attachments. Any unauthorized use or dissemination is prohibited. If you are
not the intended recipient of this message, then please delete it and notify
the sender.
