Password credential passthrough#

The password credential passthrough feature guarantees that the data Presto accesses is the same as the data available to a user who has direct access to the data source. This allows you to authenticate using the CLI or client application with the JDBC or ODBC driver. The supplied credentials are passed through Presto and the connector to the underlying data source.

It requires that the data source and Presto use the same authentication backend using the same credentials. A common example is an LDAP system such as Active Directory.

Configuration#

To enable, include DELEGATED-PASSWORD in the config.properties file:

http-server.authentication.type=DELEGATED-PASSWORD

Typically, multiple authentication types are used and must be configured as comma separated values:

http-server.authentication.type=PASSWORD,DELEGATED-PASSWORD

Update the catalog file, as needed by the connector, to enable password credential passthrough:

<connector_name>.authentication.type=PASSWORD_PASS_THROUGH