Apache Zeppelin Component Guide
Also available as:
PDF
loading table of contents...

Configure Zeppelin JDBC Password Security Using JCEKS

Apache Zeppelin supports JDBC intepreter passwords stored in JCEKS, to avoid specifying passwords in clear text. This feature prevents users from reading clear text passwords from the interpreter JSON file using the shell or other tools.

Use the following steps to configure Zeppelin JCEKS password security on an Ambari cluster.

  1. Create a keystore file using the hadoop credential command line command, with hadoop commons in the classpath:

    hadoop credential create jdbc.password -provider jceks://file/user/zeppelin/conf/zeppelin.jceks
  2. In the Zeppelin UI, click the user settings menu at the top right, then select Interpreter. On the Interpreters page, set the following jdbc properties:

    namevalue
    default.driverorg.postgresql.Driver
    default.jceks.credentialKeyjdbc.password
    default.jceks.filejceks://file/tmp/zeppelin.jceks
    default.urljdbc:postgresql://localhost:5432/
    default.userrk-user