Authorization of Middle-Tier Application Users - Analytics Database - Teradata Vantage

Database Introduction

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-09-27
dita:mapPath
gtm1628096154303.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
dsm1472253642401
lifecycle
latest
Product Category
Teradata Vantageā„¢

Middle-tier applications may stand between end users and Vantage, accepting requests from users, constructing queries from those requests, passing the queries to the database, and then returning results to the users.

The middle-tier application logs on to the database, is authenticated as a permanent database user, and establishes a connection pool. The application then authenticates the individual application end users, some of whom may request access to the database through the connection pool.

By default, all end-users accessing the database through a middle-tier application are authorized database privileges and are audited in access logs, based on the single permanent database user identity of the application.

For sites that require end users to be individually identified, authorized, and audited, the middle-tier application can be configured to offer trusted sessions. Application end-users that access the database through a trusted session must be set up as proxy users and assigned one or more database roles, which determine their privileges in the database. When a proxy user requests database access, the application automatically forwards the user identity and applicable role information to the database.

For further information about setting up trusted sessions and proxy users, see Teradata Vantageā„¢ - Analytics Database Security Administration, B035-1100.