17.10 - About Session Processing for Trusted Sessions - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

After you set up trusted sessions, logons by end-users proceed as follows:

  1. An application defined as a trusted user logs on to Teradata Vantage as a permanent database user, and creates a connection pool.
  2. An application end user (defined as a proxy user) logs on and is authenticated by the application.
  3. The proxy user requests a service that requires access to Vantage.
  4. The application gets a connection from the pool and issues a SET QUERY_BAND, which identifies the PROXYUSER and sets the role and query band duration, establishing a trusted session.
  5. The database authorizes proxy user privileges in Vantage based on the role(s) assigned to the user.
  6. Vantage records the proxy user identity in all access and query log entries.
  7. A trusted session persists for the life of the query band.