The PROXY mechanism supports user logons through Unity, acting as a proxy for the authentication mechanism in effect at logon and passing user credential information to connected Teradata Vantage systems.
PROXY appears in the TdgssLibraryConfigFile.xml for all installations of Vantage, however, to make a configuration change to PROXY, you must manually copy the mechanism from the TdgssLibraryConfigFile.xml and add it to the TDGSS configuration file.
You can modify some PROXY support properties without performing a TPA reset. For example, the following can be modified without a TPA reset: MechanismEnabled, CertificateFile, PrivateKeyFile, PrivateKeyPassword, PrivateKeyPasswordProtected, CACertFile, CACertDir, and SigningHashAlgorithm. The rest are either not modifiable or require a TPA reset if you do modify them. run_tdgssconfig indicates when you need to do a TPA reset.
<Mechanism Name="PROXY" ObjectId="1.3.6.1.4.1.28698.4.302.1.2" LibraryName="gssp2proxy" Prefix="Proxy" InterfaceType="custom"> <MechanismProperties AuthenticationSupported="yes" AuthorizationSupported="yes" SingleSignOnSupported="no" DefaultMechanism="no" MechanismEnabled="yes" MechanismRank="80" GenerateCredentialFromLogon="yes" DelegateCredentials="no" MutualAuthentication="yes" ReplayDetection="yes" OutOfSequenceDetection="yes" ConfidentialityDesired="yes" IntegrityDesired="yes" AnonymousAuthentication="no" DesiredContextTime="" DesiredCredentialTime="" CredentialUsage="0" DHKeyP2048="8AB3F86E8D374B782F31DAD5F27D6AFDA30150C11A20CF6346712AE2D2C6B70A5B79D45D4C0C232A065B207B121B2C33E147B5983C38A1087F272703B0B839CBA6F71C5D0EB51EC890934EACF2C7DD2A1DF6F55E89B145A0359D35EF8FB6C561E157B13FF927A35E69963648614902B1034EF71197F545DEF3236244EADAE0689E624CF1245953630AE042BD797C4025E37C51D9F6CBDA0B2278FA7D5CA2D9CA930BE2968330C811A4BA4D0845333C0D62E3EE742154F6B62F2951CD8C73C43B5AA1C7819DEF1D7C9314411E465F8E4796666594AADE0AEB3F1256E5719E7AE54DD34FFDA949634E4A293C5BC60AF258BB9FE558086E83B3DD3D7491966DEE93" DHKeyG2048="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005" ProxySupported="yes" CertificateFile="" PrivateKeyFile="" PrivateKeyPassword="" PrivateKeyPasswordProtected="no" CACertFile="" CACertDir="" SigningHashAlgorithm="SHA256" /> <MechQop Value="Default"> AES-K128_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K128_CBC_PKCS5Padding_SHA1_DH-K2048 AES-K192_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K192_CBC_PKCS5Padding_SHA1_DH-K2048 AES-K256_GCM_PKCS5Padding_SHA2_DH-K2048 AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048 </MechQop> </Mechanism>