LDAP
A Presto target connector can be configured to use LDAP authentication.
For more information about setting up the Presto LDAP configuration, see Teradata Presto Documentation available from http://www.info.teradata.com: .
Currently, QueryGrid only supports simple LDAP authentication mechanism involving username and password. The Presto target connector sends a username and password to the internal coordinator code, and it validates these credentials using an external LDAP service. Both Active Directory and Open LDAP are supported. Presto requires Secure LDAP (LDAPS), so make sure you have TLS enabled on your LDAP server. Presto documentation on how to configure Presto to enable LDAP authentication over HTTPs can be found at http://teradata.github.io/presto/docs/current/security/ldap.html.
| Setting | Description |
|---|---|
| Port | Set to the HTTPS server port, or to the value of the http-server.https.port value in the presto config.properties file. |
| Authentication Mechanism | Set to LDAP. |
| Username | Set to the LDAP user name. |
| Password | Set to the LDAP user password. |
| SSL Trust or Key Store Path | Set to the Java trust store or Key Store absolute path. |
| SSL Trust or Key Store Password | Set to the password for the Java trust store or Key Store file you entered into the SSL Trust or Key Store Path property. |
For more information, see Presto Connector and Link Properties.
Kerberos
You can set up QueryGrid to use Kerberos authentication with the Presto target connector; it uses two forms of authentication with Kerberos:
- Username/Password
- The Presto target connector authenticates the username and password against Kerberos before sending the query to the data source.
- Kerberos Keytab
- Presto can be configured to enable Kerberos Keytab authentication.