You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@superset.apache.org by GitBox <gi...@apache.org> on 2021/12/01 12:54:58 UTC

[GitHub] [superset] geido commented on a change in pull request #17593: feat: Trino Authentications

geido commented on a change in pull request #17593:
URL: https://github.com/apache/superset/pull/17593#discussion_r760154233



##########
File path: docs/src/pages/docs/Connecting to Databases/trino.mdx
##########
@@ -8,20 +8,77 @@ version: 1
 
 ## Trino
 
-Supported trino version 352 and higher
-
-The [sqlalchemy-trino](https://pypi.org/project/sqlalchemy-trino/) library is the recommended way to connect to Trino through SQLAlchemy.
-
-The expected connection string is formatted as follows:
+SuperSet supports Trino >=352 via SQLAlchemy by using [sqlalchemy-trino](https://pypi.org/project/sqlalchemy-trino/) library.
 
+### Connection String
+The connection string format is as follows:
 ```
 trino://{username}:{password}@{hostname}:{port}/{catalog}
 ```
-If you are running trino with docker on local machine please use the following connection URL
 
+If you are running Trino with docker on local machine, please use the following connection URL
 ```
 trino://trino@host.docker.internal:8080
 ```
 
-Reference:
-[Trino-Superset-Podcast](https://trino.io/episodes/12.html)
+### Authentications
+#### 1. Basic Authentication
+You can provide `username`/`password` in connection string or in `Secure Extra` field at `Advanced / Security`
+* In Connection String
+    ```
+    trino://{username}:{password}@{hostname}:{port}/{catalog}
+    ```
+
+* In `Secure Extra` field
+    ```json
+    {
+        "auth_method": "basic",
+        "auth_params": {
+            "username": "<username>",
+            "password": "<password>"
+        }
+    }
+    ```
+
+NOTE: if both are provided, `Secure Extra` always take higher priority.
+
+#### 2. Kerberos Authentication
+In `Secure Extra` field, config as following example:
+```json
+{
+    "auth_method": "kerberos",
+    "auth_params": {
+        "service_name": "SuperSet",
+        "config": "/path/to/krb5.config",
+        ...
+    }
+}
+```
+
+All fields in `auth_params` are passed directly to [`KerberosAuthentication`](https://github.com/trinodb/trino-python-client/blob/0.306.0/trino/auth.py#L40) class.
+
+#### 3. JWT Authentication
+Config `auth_method` and provide token in `Secure Extra` field
+```json
+{
+    "auth_method": "jwt",
+    "auth_params": {
+        "token": "<your-jwt-token>"
+    }
+}
+```
+
+#### 4. Custom Authentication
+```json
+{
+    "auth_method": "<your.module:AuthClass>",
+    "auth_params": {
+        ...
+    }
+}
+```
+You can also provide custom authentication by provide reference to your `trino.auth.Authentication` class
+or create function (which return an `Authentication` instance).

Review comment:
       ```suggestion
   You can also provide custom authentication by providing reference to your `trino.auth.Authentication` class
   or create a function (which returns an `Authentication` instance).
   ```

##########
File path: docs/src/pages/docs/Connecting to Databases/trino.mdx
##########
@@ -8,20 +8,77 @@ version: 1
 
 ## Trino
 
-Supported trino version 352 and higher
-
-The [sqlalchemy-trino](https://pypi.org/project/sqlalchemy-trino/) library is the recommended way to connect to Trino through SQLAlchemy.
-
-The expected connection string is formatted as follows:
+SuperSet supports Trino >=352 via SQLAlchemy by using [sqlalchemy-trino](https://pypi.org/project/sqlalchemy-trino/) library.
 
+### Connection String
+The connection string format is as follows:
 ```
 trino://{username}:{password}@{hostname}:{port}/{catalog}
 ```
-If you are running trino with docker on local machine please use the following connection URL
 
+If you are running Trino with docker on local machine, please use the following connection URL
 ```
 trino://trino@host.docker.internal:8080
 ```
 
-Reference:
-[Trino-Superset-Podcast](https://trino.io/episodes/12.html)
+### Authentications
+#### 1. Basic Authentication
+You can provide `username`/`password` in connection string or in `Secure Extra` field at `Advanced / Security`

Review comment:
       ```suggestion
   You can provide `username`/`password` in the connection string or in the `Secure Extra` field at `Advanced / Security`
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@superset.apache.org
For additional commands, e-mail: notifications-help@superset.apache.org