trino icon indicating copy to clipboard operation
trino copied to clipboard

Published 20 hours ago verified publisher icon trinodb

Support JDBC Password Authenticator

Open nqvuong1998 opened this issue 4 months ago • 0 comments

Summary

Add a JDBC-based password authenticator to Trino, enabling authentication by querying username and password from a relational database (e.g., PostgreSQL), alongside existing file and LDAP authenticators.

Motivation

Many organizations store credentials in databases like PostgreSQL or MySQL. A JDBC authenticator would allow Trino to authenticate users via a configurable SQL query, enhancing integration with existing database-driven authentication systems.

Proposed Implementation

Introduce a jdbc password authenticator that uses a JDBC connection to validate credentials via a SQL query.

Configuration Properties

password-authenticator.name=jdbc
jdbc.driver.class: JDBC driver (e.g., org.postgresql.Driver)
jdbc.url: Database URL (e.g., jdbc:postgresql://localhost:5432/auth_db)
jdbc.user: Database user
jdbc.password: Database password
jdbc.query: SQL query returning 1 for valid credentials, using ${user} and ${password} placeholders

Example Configuration

password-authenticator.name=jdbc
jdbc.driver.class=org.postgresql.Driver
jdbc.url=jdbc:postgresql://localhost:5432/auth_db
jdbc.user=admin
jdbc.password=password
jdbc.query=SELECT 1 FROM auth_table WHERE username=${user} AND password=MD5(CONCAT(salt,${password}))

nqvuong1998 avatar Jun 10 '25 07:06 nqvuong1998