How to handle DB passwords in R connection strings?

sql r passwords rstudio-server
13,311

Solution 1

Here is a piece of example code that uses the tcltk package to prompt for a password while hiding the actual value:

library(tcltk)
tt <- tktoplevel()
pass <- tclVar()
tkpack(tklabel(tt,text='Password:'))
tkpack(tkentry(tt,textvariable=pass,show='*'))
tkpack(tkbutton(tt,text="Done",command=function()tkdestroy(tt)))
tkwait.window(tt)
tclvalue(pass)

In this case it just prints out the unhidden password at the end, but you could wrap this in a function to return that value, then use that as the value for the password argument. Or you could put this and the connect call (with the tclvalue line as the password) inside a call to local so that the variable containing the password disappears as soon as it is used.

Edit

For RStudio and RStudio server there is a function .rs.askForPassword. Use it like:

psswd <- .rs.askForPassword("Database Password:")
con <- dbConnect(MySQL(), user="root", password=psswd, 
             dbname="research_db", host="localhost",
             client.flag=CLIENT_MULTI_STATEMENTS)

Solution 2

So I like the solution of using the config file - that is a great answer. There are also some good comments on the password prompting answer that led me to this solution:

conn <- dbConnect(drv, "jdbc:sqlserver://host:port", 'username', password=.rs.askForPassword("Enter password:"))

Solution 3

I have a different solution for the same problem, which doesn't require the user to type in their password every time they are connecting. I'm using the .my.cnf file functionality. Basically every user has a .my.cnf file in the root of their RStudio Server home directory which contains their password(s) to all MySQL databases, so in the R script I just refer to the database through the 'group' functionality.

R scripts:

library("RMySQL")
m <- dbDriver("MySQL")
# connect using .my.cnf
con <- dbConnect(m, group = "theDatabase")

.my.cnf file:

[client]
user = userName
host = mysql.server.com
password = MyPassword
[theDatabase]
database = hr
[theDatabase2]
user = opto
database = opto
password = pure-light
host = merced
Share:
13,311
Matt Bannert
Author by

Matt Bannert

Data Science and Analytics Engineer Engineer. Global coordinator for @_useRconf. Creator of Hacking for Social Sciences. Talks stats, hoops and trash.

Updated on June 18, 2022

Comments

  • Matt Bannert
    Matt Bannert almost 2 years

    Though I don't know what the SO quorum would be, the question itself is simple: How do y'all handle passwords in db connection string when you connect to a database from R?

    Tutorials often show an example like this. 

    con <- dbConnect(MySQL(), user="root", password="test", 
             dbname="research_db", host="localhost",
             client.flag=CLIENT_MULTI_STATEMENTS)

    If the database is indeed your experimental localhost, this might be somewhat realistic. However if you use it with multiple users on a server you might not want to expose the db credentials like this. Particularly when combining RStudio Server with a SQL database you might want to do something encrypted. What is your experience?

  • Matt Bannert
    Matt Bannert over 11 years
    cool idea, something in the back of mind doubts though that tcltk works with RStudio server. Could you imagine a solution with readline that also hides the pw?
  • Greg Snow
    Greg Snow over 11 years
    Oops, I missed the 'server' part of the question. This will work on a local machine, but I doubt over the web. There are ways to get an encrypted/hidden password via .cgi scripts, so possibly the server could send a .cgi to pop up a browser window to get the password, but that is beyond my experience to comment on. I doubt that readline will work, because it uses the interface to get the information, this needs to be programmed at the interface level, not the readline level.
  • Matt Bannert
    Matt Bannert over 11 years
    Anyway this was a helpful answer, +1. Making people enter their password is a good suggestion no matter how it's implemented.
  • Matt Bannert
    Matt Bannert over 9 years
    there is a nice solution for the server part to if you use rstudio server you can use .rs.askForPassword. Entering password interactively is definitely a good suggestion.
  • Lazarus Thurston
    Lazarus Thurston almost 7 years
    tcltk package seems unavailable for download. What is the library name?
  • Lazarus Thurston
    Lazarus Thurston almost 7 years
    2017: the dbDriver function is deprecated. Still looking for a solution.
  • Greg Snow
    Greg Snow almost 7 years
    @sanjmeh, the tcltk package should have been installed with R, no need to download it.
  • Greg Snow
    Greg Snow almost 7 years
    @MattBannert, Rstudio has a solution for this now, see the edit above.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Enter passwords interactively in R or R Studio (Server)?
Rstudio-server environment variables not loading?
BigQuery error: No matching signature for operator >=
sql command for reading a particular sheet, column
Is there a better way to code this sqlQuery in R?
NA values using sqldf
unable to start rstudio in centos getting error "unable to connect to service"
RODBC sqlSave table creation problems
Where are Google chrome passwords stored in windows?
Retrieve ODBC DSN Password