diff --git a/client/trino-jdbc/src/main/java/io/trino/jdbc/ConnectionProperties.java b/client/trino-jdbc/src/main/java/io/trino/jdbc/ConnectionProperties.java index 400444a78d26..0ced9c62bdc1 100644 --- a/client/trino-jdbc/src/main/java/io/trino/jdbc/ConnectionProperties.java +++ b/client/trino-jdbc/src/main/java/io/trino/jdbc/ConnectionProperties.java @@ -59,6 +59,7 @@ enum SslVerificationMode public static final ConnectionProperty APPLICATION_NAME_PREFIX = new ApplicationNamePrefix(); public static final ConnectionProperty DISABLE_COMPRESSION = new DisableCompression(); public static final ConnectionProperty ASSUME_LITERAL_NAMES_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS = new AssumeLiteralNamesInMetadataCallsForNonConformingClients(); + public static final ConnectionProperty ASSUME_LITERAL_UNDERSCORE_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS = new AssumeLiteralUnderscoreInMetadataCallsForNonConformingClients(); public static final ConnectionProperty SSL = new Ssl(); public static final ConnectionProperty SSL_VERIFICATION = new SslVerification(); public static final ConnectionProperty SSL_KEY_STORE_PATH = new SslKeyStorePath(); @@ -98,6 +99,7 @@ enum SslVerificationMode .add(APPLICATION_NAME_PREFIX) .add(DISABLE_COMPRESSION) .add(ASSUME_LITERAL_NAMES_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS) + .add(ASSUME_LITERAL_UNDERSCORE_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS) .add(SSL) .add(SSL_VERIFICATION) .add(SSL_KEY_STORE_PATH) @@ -289,9 +291,34 @@ public DisableCompression() private static class AssumeLiteralNamesInMetadataCallsForNonConformingClients extends AbstractConnectionProperty { + private static final Predicate IS_ASSUME_LITERAL_NAMES_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS_NOT_ENABLED = + checkedPredicate(properties -> !ASSUME_LITERAL_NAMES_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS.getValue(properties).orElse(false)); + public AssumeLiteralNamesInMetadataCallsForNonConformingClients() { - super("assumeLiteralNamesInMetadataCallsForNonConformingClients", NOT_REQUIRED, ALLOWED, BOOLEAN_CONVERTER); + super( + "assumeLiteralNamesInMetadataCallsForNonConformingClients", + NOT_REQUIRED, + AssumeLiteralUnderscoreInMetadataCallsForNonConformingClients.IS_ASSUME_LITERAL_UNDERSCORE_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS_NOT_ENABLED + .or(IS_ASSUME_LITERAL_NAMES_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS_NOT_ENABLED), + BOOLEAN_CONVERTER); + } + } + + private static class AssumeLiteralUnderscoreInMetadataCallsForNonConformingClients + extends AbstractConnectionProperty + { + private static final Predicate IS_ASSUME_LITERAL_UNDERSCORE_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS_NOT_ENABLED = + checkedPredicate(properties -> !ASSUME_LITERAL_UNDERSCORE_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS.getValue(properties).orElse(false)); + + public AssumeLiteralUnderscoreInMetadataCallsForNonConformingClients() + { + super( + "assumeLiteralUnderscoreInMetadataCallsForNonConformingClients", + NOT_REQUIRED, + AssumeLiteralNamesInMetadataCallsForNonConformingClients.IS_ASSUME_LITERAL_NAMES_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS_NOT_ENABLED + .or(IS_ASSUME_LITERAL_UNDERSCORE_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS_NOT_ENABLED), + BOOLEAN_CONVERTER); } } diff --git a/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoConnection.java b/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoConnection.java index c4e3187f7f6a..674b4c67f0c9 100644 --- a/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoConnection.java +++ b/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoConnection.java @@ -97,6 +97,7 @@ public class TrinoConnection private final Optional sessionUser; private final boolean compressionDisabled; private final boolean assumeLiteralNamesInMetadataCallsForNonConformingClients; + private final boolean assumeLiteralUnderscoreInMetadataCallsForNonConformingClients; private final Map extraCredentials; private final Optional applicationNamePrefix; private final Optional source; @@ -123,6 +124,7 @@ public class TrinoConnection this.extraCredentials = uri.getExtraCredentials(); this.compressionDisabled = uri.isCompressionDisabled(); this.assumeLiteralNamesInMetadataCallsForNonConformingClients = uri.isAssumeLiteralNamesInMetadataCallsForNonConformingClients(); + this.assumeLiteralUnderscoreInMetadataCallsForNonConformingClients = uri.isAssumeLiteralUnderscoreInMetadataCallsForNonConformingClients(); this.httpClient = requireNonNull(httpClient, "httpClient is null"); uri.getClientInfo().ifPresent(tags -> clientInfo.put(CLIENT_INFO, tags)); uri.getClientTags().ifPresent(tags -> clientInfo.put(CLIENT_TAGS, tags)); @@ -271,7 +273,7 @@ public boolean isClosed() public DatabaseMetaData getMetaData() throws SQLException { - return new TrinoDatabaseMetaData(this, assumeLiteralNamesInMetadataCallsForNonConformingClients); + return new TrinoDatabaseMetaData(this, assumeLiteralNamesInMetadataCallsForNonConformingClients, assumeLiteralUnderscoreInMetadataCallsForNonConformingClients); } @Override diff --git a/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoDatabaseMetaData.java b/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoDatabaseMetaData.java index 66c065a6021d..f88295936b82 100644 --- a/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoDatabaseMetaData.java +++ b/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoDatabaseMetaData.java @@ -34,6 +34,7 @@ import java.util.List; import java.util.stream.Stream; +import static com.google.common.base.Preconditions.checkArgument; import static com.google.common.base.Verify.verify; import static com.google.common.collect.Lists.newArrayList; import static io.trino.client.ClientTypeSignature.VARCHAR_UNBOUNDED_LENGTH; @@ -51,11 +52,16 @@ public class TrinoDatabaseMetaData private final TrinoConnection connection; private final boolean assumeLiteralNamesInMetadataCallsForNonConformingClients; + private final boolean assumeLiteralUnderscoreInMetadataCallsForNonConformingClients; - TrinoDatabaseMetaData(TrinoConnection connection, boolean assumeLiteralNamesInMetadataCallsForNonConformingClients) + TrinoDatabaseMetaData( + TrinoConnection connection, + boolean assumeLiteralNamesInMetadataCallsForNonConformingClients, + boolean assumeLiteralUnderscoreInMetadataCallsForNonConformingClients) { this.connection = requireNonNull(connection, "connection is null"); this.assumeLiteralNamesInMetadataCallsForNonConformingClients = assumeLiteralNamesInMetadataCallsForNonConformingClients; + this.assumeLiteralUnderscoreInMetadataCallsForNonConformingClients = assumeLiteralUnderscoreInMetadataCallsForNonConformingClients; } @Override @@ -1563,19 +1569,26 @@ private static void optionalStringInFilter(List filters, String columnNa @Nullable private String escapeIfNecessary(@Nullable String namePattern) + throws SQLException { - return escapeIfNecessary(assumeLiteralNamesInMetadataCallsForNonConformingClients, namePattern); + return escapeIfNecessary(assumeLiteralNamesInMetadataCallsForNonConformingClients, assumeLiteralUnderscoreInMetadataCallsForNonConformingClients, namePattern); } @Nullable - static String escapeIfNecessary(boolean assumeLiteralNamesInMetadataCallsForNonConformingClients, @Nullable String namePattern) - { - if (namePattern == null || !assumeLiteralNamesInMetadataCallsForNonConformingClients) { + static String escapeIfNecessary( + boolean assumeLiteralNamesInMetadataCallsForNonConformingClients, + boolean assumeLiteralUnderscoreInMetadataCallsForNonConformingClients, + @Nullable String namePattern) + { + checkArgument( + !assumeLiteralNamesInMetadataCallsForNonConformingClients || !assumeLiteralUnderscoreInMetadataCallsForNonConformingClients, + "assumeLiteralNamesInMetadataCallsForNonConformingClients and assumeLiteralUnderscoreInMetadataCallsForNonConformingClients cannot be both true"); + if (namePattern == null || (!assumeLiteralNamesInMetadataCallsForNonConformingClients && !assumeLiteralUnderscoreInMetadataCallsForNonConformingClients)) { return namePattern; } //noinspection ConstantConditions verify(SEARCH_STRING_ESCAPE.equals("\\")); - return namePattern.replaceAll("[_%\\\\]", "\\\\$0"); + return namePattern.replaceAll(assumeLiteralNamesInMetadataCallsForNonConformingClients ? "[_%\\\\]" : "[_\\\\]", "\\\\$0"); } private static void optionalStringLikeFilter(List filters, String columnName, String value) diff --git a/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoDriverUri.java b/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoDriverUri.java index a10fe118fe58..dc97e63fcf3e 100644 --- a/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoDriverUri.java +++ b/client/trino-jdbc/src/main/java/io/trino/jdbc/TrinoDriverUri.java @@ -54,6 +54,7 @@ import static io.trino.jdbc.ConnectionProperties.ACCESS_TOKEN; import static io.trino.jdbc.ConnectionProperties.APPLICATION_NAME_PREFIX; import static io.trino.jdbc.ConnectionProperties.ASSUME_LITERAL_NAMES_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS; +import static io.trino.jdbc.ConnectionProperties.ASSUME_LITERAL_UNDERSCORE_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS; import static io.trino.jdbc.ConnectionProperties.CLIENT_INFO; import static io.trino.jdbc.ConnectionProperties.CLIENT_TAGS; import static io.trino.jdbc.ConnectionProperties.DISABLE_COMPRESSION; @@ -251,6 +252,12 @@ public boolean isAssumeLiteralNamesInMetadataCallsForNonConformingClients() return ASSUME_LITERAL_NAMES_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS.getValue(properties).orElse(false); } + public boolean isAssumeLiteralUnderscoreInMetadataCallsForNonConformingClients() + throws SQLException + { + return ASSUME_LITERAL_UNDERSCORE_IN_METADATA_CALLS_FOR_NON_CONFORMING_CLIENTS.getValue(properties).orElse(false); + } + public void setupClient(OkHttpClient.Builder builder) throws SQLException { diff --git a/client/trino-jdbc/src/test/java/io/trino/jdbc/TestTrinoDatabaseMetaData.java b/client/trino-jdbc/src/test/java/io/trino/jdbc/TestTrinoDatabaseMetaData.java index 032f5715e4c7..49ee666b2667 100644 --- a/client/trino-jdbc/src/test/java/io/trino/jdbc/TestTrinoDatabaseMetaData.java +++ b/client/trino-jdbc/src/test/java/io/trino/jdbc/TestTrinoDatabaseMetaData.java @@ -46,6 +46,7 @@ import org.testng.annotations.AfterMethod; import org.testng.annotations.BeforeClass; import org.testng.annotations.BeforeMethod; +import org.testng.annotations.DataProvider; import org.testng.annotations.Test; import java.sql.Connection; @@ -86,6 +87,7 @@ import static java.util.Objects.requireNonNull; import static java.util.stream.Collectors.toList; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.testng.Assert.assertEquals; import static org.testng.Assert.assertFalse; import static org.testng.Assert.assertTrue; @@ -1419,12 +1421,12 @@ public void testGetColumnsMetadataCalls() .withGetColumnsCount(3000)); } - @Test - public void testAssumeLiteralMetadataCalls() + @Test(dataProvider = "escapeLiteralParameters") + public void testAssumeLiteralMetadataCalls(String escapeLiteralParameter) throws Exception { try (Connection connection = DriverManager.getConnection( - format("jdbc:trino://%s?assumeLiteralNamesInMetadataCallsForNonConformingClients=true", server.getAddress()), + format("jdbc:trino://%s?%s", server.getAddress(), escapeLiteralParameter), "admin", null)) { // getTables's schema name pattern treated as literal @@ -1497,22 +1499,52 @@ public void testAssumeLiteralMetadataCalls() } } + @DataProvider + public Object[][] escapeLiteralParameters() + { + return new Object[][]{ + {"assumeLiteralNamesInMetadataCallsForNonConformingClients=true"}, + {"assumeLiteralUnderscoreInMetadataCallsForNonConformingClients=true"}, + {"assumeLiteralNamesInMetadataCallsForNonConformingClients=false&assumeLiteralUnderscoreInMetadataCallsForNonConformingClients=true"}, + {"assumeLiteralNamesInMetadataCallsForNonConformingClients=true&assumeLiteralUnderscoreInMetadataCallsForNonConformingClients=false"}, + }; + } + + @Test + public void testFailedBothEscapeLiteralParameters() + throws SQLException + { + assertThatThrownBy(() -> DriverManager.getConnection( + format("jdbc:trino://%s?%s", server.getAddress(), "assumeLiteralNamesInMetadataCallsForNonConformingClients=true&assumeLiteralUnderscoreInMetadataCallsForNonConformingClients=true"), + "admin", + null)) + .isInstanceOf(SQLException.class) + .hasMessage("Connection property 'assumeLiteralNamesInMetadataCallsForNonConformingClients' is not allowed"); + } + @Test public void testEscapeIfNecessary() + throws SQLException { - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, null), null); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, "a"), "a"); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, "abc_def"), "abc_def"); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, "abc__de_f"), "abc__de_f"); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, "abc%def"), "abc%def"); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, "abc\\_def"), "abc\\_def"); - - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, null), null); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, "a"), "a"); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, "abc_def"), "abc\\_def"); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, "abc__de_f"), "abc\\_\\_de\\_f"); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, "abc%def"), "abc\\%def"); - assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, "abc\\_def"), "abc\\\\\\_def"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, false, null), null); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, false, "a"), "a"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, false, "abc_def"), "abc_def"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, false, "abc__de_f"), "abc__de_f"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, false, "abc%def"), "abc%def"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, false, "abc\\_def"), "abc\\_def"); + + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, false, null), null); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, false, "a"), "a"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, false, "abc_def"), "abc\\_def"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, false, "abc__de_f"), "abc\\_\\_de\\_f"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, false, "abc%def"), "abc\\%def"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(true, false, "abc\\_def"), "abc\\\\\\_def"); + + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, true, null), null); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, true, "a"), "a"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, true, "abc_def"), "abc\\_def"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, true, "abc__de_f"), "abc\\_\\_de\\_f"); + assertEquals(TrinoDatabaseMetaData.escapeIfNecessary(false, true, "abc\\_def"), "abc\\\\\\_def"); } @Test diff --git a/docs/src/main/sphinx/installation/jdbc.rst b/docs/src/main/sphinx/installation/jdbc.rst index 20fc2ffaf9ba..cd6aa72d4a7f 100644 --- a/docs/src/main/sphinx/installation/jdbc.rst +++ b/docs/src/main/sphinx/installation/jdbc.rst @@ -120,92 +120,96 @@ may not be specified using both methods. Parameter reference ------------------- -============================================================ ======================================================================= -Name Description -============================================================ ======================================================================= -``user`` Username to use for authentication and authorization. -``password`` Password to use for LDAP authentication. -``sessionUser`` Session username override, used for impersonation. -``socksProxy`` SOCKS proxy host and port. Example: ``localhost:1080`` -``httpProxy`` HTTP proxy host and port. Example: ``localhost:8888`` -``clientInfo`` Extra information about the client. -``clientTags`` Client tags for selecting resource groups. Example: ``abc,xyz`` -``traceToken`` Trace token for correlating requests across systems. -``source`` Source name for the Trino query. This parameter should be used in - preference to ``ApplicationName``. Thus, it takes precedence - over ``ApplicationName`` and/or ``applicationNamePrefix``. -``applicationNamePrefix`` Prefix to append to any specified ``ApplicationName`` client info - property, which is used to set the source name for the Trino query - if the ``source`` parameter has not been set. If neither this - property nor ``ApplicationName`` or ``source`` are set, the source - name for the query is ``trino-jdbc``. -``accessToken`` :doc:`JWT ` access token for token based authentication. -``SSL`` Set ``true`` to specify using TLS/HTTPS for connections. -``SSLVerification`` The method of TLS verification. There are three modes: ``FULL`` - (default), ``CA`` and ``NONE``. For ``FULL``, the normal TLS - verification is performed. For ``CA``, only the CA is verified but - hostname mismatch is allowed. For ``NONE``, there is no verification. -``SSLKeyStorePath`` Use only when connecting to a Trino cluster that has :doc:`certificate - authentication ` enabled. - Specifies the path to a :doc:`PEM ` or :doc:`JKS - ` file, which must contain a certificate that - is trusted by the Trino cluster you connect to. -``SSLKeyStorePassword`` The password for the KeyStore, if any. -``SSLKeyStoreType`` The type of the KeyStore. The default type is provided by the Java - ``keystore.type`` security property or ``jks`` if none exists. -``SSLTrustStorePath`` The location of the Java TrustStore file to use. - to validate HTTPS server certificates. -``SSLTrustStorePassword`` The password for the TrustStore. -``SSLTrustStoreType`` The type of the TrustStore. The default type is provided by the Java - ``keystore.type`` security property or ``jks`` if none exists. -``SSLUseSystemTrustStore`` Set ``true`` to automatically use the system TrustStore based on the operating system. - The supported OSes are Windows and macOS. For Windows, the ``Windows-ROOT`` - TrustStore is selected. For macOS, the ``KeychainStore`` TrustStore is selected. - For other OSes, the default Java TrustStore is loaded. - The TrustStore specification can be overridden using ``SSLTrustStoreType``. -``KerberosRemoteServiceName`` Trino coordinator Kerberos service name. This parameter is - required for Kerberos authentication. -``KerberosPrincipal`` The principal to use when authenticating to the Trino coordinator. -``KerberosUseCanonicalHostname`` Use the canonical hostname of the Trino coordinator for the Kerberos - service principal by first resolving the hostname to an IP address - and then doing a reverse DNS lookup for that IP address. - This is enabled by default. -``KerberosServicePrincipalPattern`` Trino coordinator Kerberos service principal pattern. The default is - ``${SERVICE}@${HOST}``. ``${SERVICE}`` is replaced with the value of - ``KerberosRemoteServiceName`` and ``${HOST}`` is replaced with the - hostname of the coordinator (after canonicalization if enabled). -``KerberosConfigPath`` Kerberos configuration file. -``KerberosKeytabPath`` Kerberos keytab file. -``KerberosCredentialCachePath`` Kerberos credential cache. -``KerberosDelegation`` Set to ``true`` to use the token from an existing Kerberos context. - This allows client to use Kerberos authentication without passing - the Keytab or credential cache. Defaults to ``false``. -``extraCredentials`` Extra credentials for connecting to external services, - specified as a list of key-value pairs. For example, - ``foo:bar;abc:xyz`` creates the credential named ``abc`` - with value ``xyz`` and the credential named ``foo`` with value ``bar``. -``roles`` Authorization roles to use for catalogs, specified as a list of - key-value pairs for the catalog and role. For example, - ``catalog1:roleA;catalog2:roleB`` sets ``roleA`` - for ``catalog1`` and ``roleB`` for ``catalog2``. -``sessionProperties`` Session properties to set for the system and for catalogs, - specified as a list of key-value pairs. - For example, ``abc:xyz;example.foo:bar`` sets the system property - ``abc`` to the value ``xyz`` and the ``foo`` property for - catalog ``example`` to the value ``bar``. -``externalAuthentication`` Set to true if you want to use external authentication via - :doc:`/security/oauth2`. Use a local web browser to authenticate with an - identity provider (IdP) that has been configured for the Trino coordinator. -``externalAuthenticationTokenCache`` Allows the sharing of external authentication tokens between different - connections for the same authenticated user until the cache is - invalidated, such as when a client is restarted or when the classloader - reloads the JDBC driver. This is disabled by default, with a value of - ``NONE``. To enable, set the value to ``MEMORY``. If the JDBC driver is used - in a shared mode by different users, the first registered token is stored - and authenticates all users. -``disableCompression`` Whether compression should be enabled. -``assumeLiteralNamesInMetadataCallsForNonConformingClients`` When enabled, the name patterns passed to ``DatabaseMetaData`` methods - are treated as literals. You can use this as a workaround for - applications that do not escape schema or table names when passing them - to ``DatabaseMetaData`` methods as schema or table name patterns. -============================================================ ======================================================================= +================================================================= ======================================================================= +Name Description +================================================================= ======================================================================= +``user`` Username to use for authentication and authorization. +``password`` Password to use for LDAP authentication. +``sessionUser`` Session username override, used for impersonation. +``socksProxy`` SOCKS proxy host and port. Example: ``localhost:1080`` +``httpProxy`` HTTP proxy host and port. Example: ``localhost:8888`` +``clientInfo`` Extra information about the client. +``clientTags`` Client tags for selecting resource groups. Example: ``abc,xyz`` +``traceToken`` Trace token for correlating requests across systems. +``source`` Source name for the Trino query. This parameter should be used in + preference to ``ApplicationName``. Thus, it takes precedence + over ``ApplicationName`` and/or ``applicationNamePrefix``. +``applicationNamePrefix`` Prefix to append to any specified ``ApplicationName`` client info + property, which is used to set the source name for the Trino query + if the ``source`` parameter has not been set. If neither this + property nor ``ApplicationName`` or ``source`` are set, the source + name for the query is ``trino-jdbc``. +``accessToken`` :doc:`JWT ` access token for token based authentication. +``SSL`` Set ``true`` to specify using TLS/HTTPS for connections. +``SSLVerification`` The method of TLS verification. There are three modes: ``FULL`` + (default), ``CA`` and ``NONE``. For ``FULL``, the normal TLS + verification is performed. For ``CA``, only the CA is verified but + hostname mismatch is allowed. For ``NONE``, there is no verification. +``SSLKeyStorePath`` Use only when connecting to a Trino cluster that has :doc:`certificate + authentication ` enabled. + Specifies the path to a :doc:`PEM ` or :doc:`JKS + ` file, which must contain a certificate that + is trusted by the Trino cluster you connect to. +``SSLKeyStorePassword`` The password for the KeyStore, if any. +``SSLKeyStoreType`` The type of the KeyStore. The default type is provided by the Java + ``keystore.type`` security property or ``jks`` if none exists. +``SSLTrustStorePath`` The location of the Java TrustStore file to use. + to validate HTTPS server certificates. +``SSLTrustStorePassword`` The password for the TrustStore. +``SSLTrustStoreType`` The type of the TrustStore. The default type is provided by the Java + ``keystore.type`` security property or ``jks`` if none exists. +``SSLUseSystemTrustStore`` Set ``true`` to automatically use the system TrustStore based on the operating system. + The supported OSes are Windows and macOS. For Windows, the ``Windows-ROOT`` + TrustStore is selected. For macOS, the ``KeychainStore`` TrustStore is selected. + For other OSes, the default Java TrustStore is loaded. + The TrustStore specification can be overridden using ``SSLTrustStoreType``. +``KerberosRemoteServiceName`` Trino coordinator Kerberos service name. This parameter is + required for Kerberos authentication. +``KerberosPrincipal`` The principal to use when authenticating to the Trino coordinator. +``KerberosUseCanonicalHostname`` Use the canonical hostname of the Trino coordinator for the Kerberos + service principal by first resolving the hostname to an IP address + and then doing a reverse DNS lookup for that IP address. + This is enabled by default. +``KerberosServicePrincipalPattern`` Trino coordinator Kerberos service principal pattern. The default is + ``${SERVICE}@${HOST}``. ``${SERVICE}`` is replaced with the value of + ``KerberosRemoteServiceName`` and ``${HOST}`` is replaced with the + hostname of the coordinator (after canonicalization if enabled). +``KerberosConfigPath`` Kerberos configuration file. +``KerberosKeytabPath`` Kerberos keytab file. +``KerberosCredentialCachePath`` Kerberos credential cache. +``KerberosDelegation`` Set to ``true`` to use the token from an existing Kerberos context. + This allows client to use Kerberos authentication without passing + the Keytab or credential cache. Defaults to ``false``. +``extraCredentials`` Extra credentials for connecting to external services, + specified as a list of key-value pairs. For example, + ``foo:bar;abc:xyz`` creates the credential named ``abc`` + with value ``xyz`` and the credential named ``foo`` with value ``bar``. +``roles`` Authorization roles to use for catalogs, specified as a list of + key-value pairs for the catalog and role. For example, + ``catalog1:roleA;catalog2:roleB`` sets ``roleA`` + for ``catalog1`` and ``roleB`` for ``catalog2``. +``sessionProperties`` Session properties to set for the system and for catalogs, + specified as a list of key-value pairs. + For example, ``abc:xyz;example.foo:bar`` sets the system property + ``abc`` to the value ``xyz`` and the ``foo`` property for + catalog ``example`` to the value ``bar``. +``externalAuthentication`` Set to true if you want to use external authentication via + :doc:`/security/oauth2`. Use a local web browser to authenticate with an + identity provider (IdP) that has been configured for the Trino coordinator. +``externalAuthenticationTokenCache`` Allows the sharing of external authentication tokens between different + connections for the same authenticated user until the cache is + invalidated, such as when a client is restarted or when the classloader + reloads the JDBC driver. This is disabled by default, with a value of + ``NONE``. To enable, set the value to ``MEMORY``. If the JDBC driver is used + in a shared mode by different users, the first registered token is stored + and authenticates all users. +``disableCompression`` Whether compression should be enabled. +``assumeLiteralNamesInMetadataCallsForNonConformingClients`` When enabled, the name patterns passed to ``DatabaseMetaData`` methods + are treated as literals. You can use this as a workaround for + applications that do not escape schema or table names when passing them + to ``DatabaseMetaData`` methods as schema or table name patterns. +``assumeLiteralUnderscoreInMetadataCallsForNonConformingClients`` When enabled, the name patterns passed to ``DatabaseMetaData`` methods + are treated as underscores. You can use this as a workaround for + applications that do not escape schema or table names when passing them + to ``DatabaseMetaData`` methods as schema or table name patterns. +================================================================= =======================================================================