17.20 - Authentication - ODBC Driver for Teradata

ODBC Driver for Teradata® User Guide

Product
ODBC Driver for Teradata
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2022-06-21
dita:mapPath
uqj1639470627591.ditamap
dita:ditavalPath
nkw1500504256726.ditaval

Authentication is the indisputable establishment of identities between two mutually suspicious parties when faced with adversaries with a malicious intent. In other words, authentication answers a very simple question: Who are you?

In research literature, authentication is defined as a proof of authenticity; it determines if the source of a message is genuine. Authentication says nothing about capabilities; that is, it does not determine if a source has the right to access certain resources within the destination.

User authentication in the database using ODBC Driver for Teradata uses the following mechanisms:
  • Conventional Teradata Mechanism – consists of a username and a password, which are validated by the database during logon. This is sometimes referred to as CSO.
  • SSO – the system is trusted, and the user is logged on without providing a username and password. The user's identity, which is obtained through a network or domain login, is transmitted to the database and verified.

    SSO is only supported when the server is running Windows and the client running a Windows or Apple macOS version supporting SSPI. SSO is supported using Kerberos as the authentication mechanism.

The Extensible User Authentication feature expands these authentication mechanisms to include LDAP, Teradata-defined, and other user-defined mechanisms. It also provides support for Kerberos on all platforms that support Kerberos.