You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@zeppelin.apache.org by Kevin Niemann <ke...@gmail.com> on 2016/09/23 16:17:40 UTC

Using R package with hidden credentials

I'm using the Spark R interpreter with e.g. the mongolite package which
requires authentication to access MongoDB.

require(mongolite)
url <- "mongodb://username:password@some.server.com/DB"
m <- mongo(collection = "events", db = "myDB", url = url, verbose = FALSE)

I'm looking at different approaches to hide the username/password
credentials from the user:

1. Hide editor from readers. Only allow Writers to see the code. Downside
is the editor must remember to hide editor if making changes (potential for
human error) and no one else can see the actual code to produce the report.

2. Use a form to require input username/password at runtime. I can't
actually get .z.input("username") working in %spark.r paragraph. Angular
forms didn't work for me either, not sure how to assign an input or angular
binding to an R variable.

3. Use Data source authorization/credential API. Seems pretty much out of
the question since Spark isn't passing the creds to the R function.

Anything I missed?

Lastly (somewhat unrelated), returning a data frame should show the display
system, but it's not. e.g.

%spark.r
data(mtcars)
mtcars
Mazda RX4 21.0 6 160.0 110 3.90 2.620 16.46 0 1 4 4


Thanks,

Re: Using R package with hidden credentials

Posted by Alexander Bezzubov <bz...@apache.org>.

Hi Kevin,

approach #2 sounds very reasonable and should work indeed.

Ahyoung, how do you think you could you take a quick look at the cases with
SparkR that Kevin described and see if that is documented\expected outcome?

--
Alex

On Fri, Sep 23, 2016 at 9:17 AM, Kevin Niemann <ke...@gmail.com>
wrote:

> I'm using the Spark R interpreter with e.g. the mongolite package which
> requires authentication to access MongoDB.
>
> require(mongolite)
> url <- "mongodb://username:password@some.server.com/DB"
> m <- mongo(collection = "events", db = "myDB", url = url, verbose = FALSE)
>
> I'm looking at different approaches to hide the username/password
> credentials from the user:
>
> 1. Hide editor from readers. Only allow Writers to see the code. Downside
> is the editor must remember to hide editor if making changes (potential for
> human error) and no one else can see the actual code to produce the report.
>
> 2. Use a form to require input username/password at runtime. I can't
> actually get .z.input("username") working in %spark.r paragraph. Angular
> forms didn't work for me either, not sure how to assign an input or angular
> binding to an R variable.
>
> 3. Use Data source authorization/credential API. Seems pretty much out of
> the question since Spark isn't passing the creds to the R function.
>
> Anything I missed?
>
> Lastly (somewhat unrelated), returning a data frame should show the
> display system, but it's not. e.g.
>
> %spark.r
> data(mtcars)
> mtcars
> Mazda RX4 21.0 6 160.0 110 3.90 2.620 16.46 0 1 4 4
>
>
> Thanks,
>