Preventing Unauthorized Use of Query Banding by Proxy Users - Analytics Database - Teradata Vantage

SQL Data Definition Language Syntax and Examples

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-10-04
dita:mapPath
jco1628111346878.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
mdr1472255012272
lifecycle
latest
Product Category
Teradata Vantage™

If no restrictions are imposed, a proxy user could use a SET QUERY_BAND statement to change the proxy user for the session and possibly make unauthorized access to the database. However, use the GRANT CONNECT THROUGH statement and the WITH TRUST ONLY clause to instruct the database to honor SET QUERY_BAND statements that set or update a proxy user only if they are part of a trusted request. You also must program the application trusted user to flag each request as trusted or not trusted to prevent unauthorized use of SET QUERY_BAND to change of the proxy user for a trusted session.