Comments (18)
Wow, that's strange. Our HTTPS workloads work maybe because HTTP redirects to HTTPS and we didn't realize it. Let me work on it know, will get back to you in an hour.
from metriql.
Will test it out. That’s the way I wanted it to be :)
from metriql.
Could you please send a screenshot of the connection page? The user is required, here is an example config:
from metriql.
That's exactly how I set it up. I have a different username though. Could it be with the loadbalancer in front of it, or something else? I saw that if ssl is terminated before the server, Trino needs this config http-server.process-forwarded=true
. I've got no clue, just throwing idéas in the air :)
Seems it didn't work from thoughtspot either, so must be something wrong with my setup I guess.
from metriql.
Do you need any more info or do you think it's possible to debug anyway? :) I'll be happy to dig further if you need more info. We are currently running another trial where it would be fun to get metriql up and running.
from metriql.
Here is the full stacktrace at least
javax.ws.rs.WebApplicationException: User must be set
io.trino.server.HttpRequestSessionContext.badRequest(HttpRequestSessionContext.java:503)
io.trino.server.HttpRequestSessionContext.assertRequest(HttpRequestSessionContext.java:452)
io.trino.server.HttpRequestSessionContext.buildSessionIdentity(HttpRequestSessionContext.java:223)
io.trino.server.HttpRequestSessionContext.<init>(HttpRequestSessionContext.java:120)
com.metriql.service.jdbc.StatementService.createSessionContext(StatementService.kt:95)
com.metriql.service.jdbc.StatementService.query$lambda-3(StatementService.kt:105)
org.rakam.server.http.RakamHttpRequest.handleBody(RakamHttpRequest.java:250)
org.rakam.server.http.HttpServerHandler.handleBody(HttpServerHandler.java:162)
org.rakam.server.http.HttpServerHandler.channelRead(HttpServerHandler.java:112)
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:345)
io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireChannelRead(CombinedChannelDuplexHandler.java:435)
io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:293)
io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:267)
io.netty.channel.CombinedChannelDuplexHandler.channelRead(CombinedChannelDuplexHandler.java:250)
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:345)
io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1294)
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:366)
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:352)
io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:911)
io.netty.channel.epoll.AbstractEpollStreamChannel$EpollStreamUnsafe.epollInReady(AbstractEpollStreamChannel.java:883)
io.netty.channel.epoll.EpollEventLoop.processReady(EpollEventLoop.java:389)
io.netty.channel.epoll.EpollEventLoop.run(EpollEventLoop.java:305)
io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:140)
io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:144)
java.base/java.lang.Thread.run(Unknown Source)
from metriql.
If I enter the wrong username I get Authentication failed, so it's getting there, but somehow fails.
from metriql.
Thoughtspot prints this in chrome console
"debug":"[\"java.sql.SQLException: Authentication failed: Unauthorized\",\"\"]"
I'm copying what I'm using in the python client.
from metriql.
Sorry for the delay, I believe that it's related to load-balancers X-Forwarded-Proto
headers but I couldn't reproduce the issue. Let me work on it today and I will get back to you.
from metriql.
Seems I get "Authentication failed" instead now with the latest image. Python library still works though.
from metriql.
After spending an hour, I still couldn't reproduce the issue. Can you please answer the following questions?
-
Is the Metriql passwordless or did you set up username & password authentication? If you try running it in passwordless mode, does it work?
-
How do you set up the load balancer, is it a managed service? I suspect that it might be re-writing all the headers with
X-Forwarded-
prefix. -
How do you use the Python library, can you send the snippet here?
Once you answer the questions, I will deep dive and try to solve the issue tomorrow.
from metriql.
- It has a password. Not to keen to expose it without actually :)
- Now I'm setting up an Nginx and a separate VM for this. UI works, python library works, DBEaver gets unauthorized or that it tries to use http in the next call, instead of https. Depending on what I change. Headers are being proxied with X-Forwarded- indeed, shouldnt that be the case?
import trino
METRIQL_HOST = 'mydomain.com'
METRIQL_PORT = '443'
YOUR_METRIQL_USERNAME = 'username'
YOUR_METRIQL_PASSWORD = 'supersecret'
conn = trino.dbapi.connect(
http_scheme="HTTPS",
host=METRIQL_HOST,
port=METRIQL_PORT,
user=YOUR_METRIQL_USERNAME,
catalog='metriql',
schema='public',
auth=trino.auth.BasicAuthentication(YOUR_METRIQL_USERNAME, YOUR_METRIQL_PASSWORD),
)
cur = conn.cursor()
all_datasets = cur.execute('SHOW TABLES')
print(cur.fetchall())
cur.execute("""
select * from "ref('some_table')"
""")
print(cur.fetchall())
from metriql.
@buremba If it works for you when you do SSL termination in NGINX in front of a secured MetriQL instance protected with username/password, could you please share that configuration?
from metriql.
DBeaver is actually doing things my the look of it when I try to connect, but I still get unauthorized. The metriql logs say
SELECT TYPE_NAME, DATA_TYPE, PRECISION, LITERAL_PREFIX, LITERAL_SUFFIX,
CREATE_PARAMS, NULLABLE, CASE_SENSITIVE, SEARCHABLE, UNSIGNED_ATTRIBUTE,
FIXED_PREC_SCALE, AUTO_INCREMENT, LOCAL_TYPE_NAME, MINIMUM_SCALE, MAXIMUM_SCALE,
SQL_DATA_TYPE, SQL_DATETIME_SUB, NUM_PREC_RADIX
FROM system.jdbc.types
ORDER BY DATA_TYPE
SELECT TABLE_CAT
FROM system.jdbc.catalogs
ORDER BY TABLE_CAT
SELECT TABLE_SCHEM, TABLE_CATALOG
FROM system.jdbc.schemas
ORDER BY TABLE_CATALOG, TABLE_SCHEM
from metriql.
Isn't this line messing things up?
https://github.com/metriql/metriql/blob/master/src/main/java/com/metriql/service/jdbc/StatementService.kt#L211
from metriql.
@AndreasTA-AW , we don't want to require the Metriql URL as a parameter when you run the serve
command and Metriql itself doesn't really support SSL. You need to have a load balancer to support HTTPS in Metriql which passes X-Forwarded-Proto
to the Metriql instance. We cover this use-case now, it's in the metriql:latest
:
Relevant commit: 4554e2a
from metriql.
Can you try and let me know if you run into any issues?
from metriql.
Works like a charm
from metriql.
Related Issues (20)
- Installation Error
- Does Metriql support connection with DBT-Vertica?
- Support dbt with trino warehouse
- Building Metriql With Local, Proprietary JAR File HOT 1
- How to eliminate double quotes from identifier names in metriql's automatically generated SELECT queries HOT 2
- Support `HAVING (COUNT(1) > 0)` in MQL
- Support for accessing Trino functions in SQL Context not working as expected
- Allow user-supplied names for precomputed tables (roll-up tables) HOT 3
- Unknown data type: Array(String) HOT 1
- unable to compile 0.6-SNAPSHOT HOT 2
- Does not support count_distinct dbt metric type HOT 3
- Metriql cannot find parent models of dbt metrics HOT 2
- Error Date-DateTime column in ClickHouse-Metriql
- Read timed out | socket_timeout does not work
- Repeated Alias HOT 1
- Neo4j support
- dbt 1.3.0 has changed raw_sql to raw_code HOT 1
- how to use pivots propertie?
- Superset Connection HOT 1
- profiles.yml does not exist in /root/.dbt/profiles.yml HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from metriql.