Connecting to DBeaver

DBeaver is a free Universal Database Tool that can be used to connect to the ODAS JDBC endpoint and query ODAS managed databases.

After installing DBeaver, you are presented with the main window, where you can click on the "New Database Connection" button, which is the first in the toolbar on the top left. It will open the "Connect to database" wizard, where you need to enter "presto" to narrow down the choice.

DBeaver Main Window

Select "PrestoDB" and click on the "Next>" button, which will proceed the wizard to the PrestoDB details page. Enter the "Host", "Port", "Database/Schema", "User name", and "Password" information as per the ODAS cluster of your choice. The credentials are your personal credentials as configured in your corporate directory (that is, MS Active Directory or similar):

PrestoDB Details

On the same page, click the "Driver properties" tab. When this is done for the first after installing DBeaver, a dialog will open asking to download the Presto JDBC JAR file. Click on "Download" and wait for the process to complete:

Download Presto JDBC JAR

In the "Driver properties" tab click on the plus button at the bottom left of the list. In the "Property Name" dialog enter SSL and press the "OK" button:

Create Driver Property

Click on the "Value" column next to the newly created property and enter true, followed by pressing the "Enter" button. This should result in the following:

Enter Property Value

Now, click on the "Finish" button of the wizard and return to the main window of DBeaver, with the "PrestoDB - okera" connection added. Click on the little arrow next to it to open the list of catalogs and databases/schemas:

Main Window With Connection

You can now use DBeaver to query any dataset like okera_sample.users (as shown in the previous screenshot).

In the Advanced parameters of the Presto driver, make sure you have the Escape LIKE masks in search queries checked (as shown in the screenshot below).

escape like mask param

DBeaver with Self-Signed Certificates

While the above works for all clients talking to ODAS with properly signed certificates (that is, the client can verify the certificate chain to a trusted root CA) installed, it may not work for all clients. This is surfaced as a certificate validation error and will cause the client to stop work any further.

For Presto, the original JDBC JAR file that contains the driver code, there is unfortunately no way to configure the support of self-signed certificates.

Note

When using Tableau, which is supplying a custom JDBC driver to its users, the steps to disable the certificate check is explained in our JDBC and Tableau blog post.

Okera provides a modified version of the Presto JDBC JAR that is the same as the original but adds the support to disable the certificate check. The driver can be downloaded using the following URL:

https://okera-release-useast.s3.amazonaws.com/1.5.0/client/presto-jdbc-0.214.jar

It adds an additional driver property called SSLAllowSelfSignedCert, which must be set to true in the case DBeaver (or any other tool using the original Presto JDBC JAR file).

The first step is to replace the original driver with the Okera provided one. You can either go the "Database - Driver Manager" menu and modify the global PrestoDB settings, or simply create a new connection as explained above, while clicking on "Edit Driver Settings" in the main page of the connection wizard. Delete the original value, pointing to the downloaded Maven repo version:

Default Driver JAR

Then add the downloaded driver provided by Okera by clicking on the "Add File" button and selecting the JAR file from the location where it is stored:

Custom Driver JAR

Then in the "Driver properties" tab, also add the new property as explained above:

Extra Driver Properties

Once you confirm the wizard or dialog, you can now connect to ODAS clusters with self-signed certificates.

Note

Okera strongly advises all users of the software to install a properly signed and company managed certificate. Not doing so effectively disables the SSL check and leaves the connection vulnerable for possible exploits.