Java UDFs can access resources, such as local files, if required. The CREATE FUNCTION or REPLACE FUNCTION statement for the UDF determines which resources the UDF has access to.
| IF the CREATE/REPLACE FUNCTION statement … | THEN the UDF … |
|---|---|
| specifies the EXTERNAL SECURITY clause | can access specific resources that require special permissions, in addition to accessing local files or performing actions that ordinary operating system users have permissions for. Teradata Database uses a separate secure server to execute the UDF under the authorization of a specific native operating system user established by a CREATE AUTHORIZATION or REPLACE AUTHORIZATION statement. |
| does not specify the EXTERNAL SECURITY clause | runs in protected execution mode and can access local files or perform actions that ordinary operating system users have permissions for. Teradata Database executes the UDF as a thread of a hybrid server that runs under the authorization of the 'tdatuser' operating system user. |
For more information on Java server administration, see Server Administration for Java External Routines.