- Direct sign-on
- Third-party sign-on
Direct sign-on permits a user to log on to the database without providing a user name and password; an account string may or may not be necessary. The Windows user identity must match the Teradata username and the username must have previously been granted the logon with null password privilege.
Third-party sign-on is designed for use by application servers that log on to the database on behalf of a user through an API. Third-party sign-on requires that a user supply a username, password, and, possibly, a domain name to the application server. As with direct sign-on, the username must have previously been granted the logon with null password privilege.
A Logon parcel that does not contain a userid and a password will be interpreted as an SSO logon.
For more information, see “Creating A User for Single Sign-On” and “LOGON Statement” in Teradata Vantage™ - SQL Fundamentals, B035-1141 and “Single Sign-On” in Teradata Vantage™ - Database Utilities, B035-1102.
If encryption support is switched on at the server (gateway), then CLI sends the logon string in encrypted form. The process of logon encryption is abstracted from and cannot be controlled by the applications.