You can modify the application.properties file located at /opt/teradata/rest/tdrest/ for additional site-specific security features.
Value | Description | Default Value | Impact |
---|---|---|---|
Credential Store Properties | |||
credential.key.store.random | Random key or hash key. | true | Set to true for single-server deployment, false for high availability deployment. |
token.duration.minutes | Lifetime of authentication token. | 120 (minutes) | The frequency of applications sending username and password to get a new token. |
Administrator Password Properties | |||
user.password.min.length | Minimum number of characters in the administrator password. | 6 | Administrator user password validation. |
user.password.min.lower.case | Minimum number of lowercase characters in the administrator password. | 1 | Administrator user password validation. |
user.password.min.numeric | Minimum number of numeric characters in an administrator password. | 1 | Administrator user password validation. |
user.password.min.upper.case | Minimum number of uppercase characters in an administrator password. | 1 | Administrator user password validation. |
user.password.min.special | Minimum number of special case characters in administrator password. | 1 | Administrator user password validation. |
Server Properties | |||
server.http.enabled | Enable HTTP connections. | false | Provide valid TLS certificate, otherwise users must accept a self-signed certificate. |
server.http.redirect.to.https | Automatically redirect HTTP connections to HTTPS. | true | |
server.session.timeout | Lifetime of session cookie (used for UI). | 3600 (seconds) | Administrator user must re-authenticate at this interval. |
API Restriction Properties | |||
import.export.api.disabled | Disable the import and export APIs. | false | Query Service configuration cannot be imported or exported. |
metadata.api.disabled | Disable the database metadata APIs. | false | Query Service client cannot fetch database metadata. |
users.api.disabled | Disable metadata user APIs. | false | Users cannot be allowed or blocked per system. |