Keywords introducing the external security clause.
This clause is recommended for procedures that perform operating system I/O operations because it permits you to specify a particular OS user under whom the function runs. Otherwise, a protected mode procedure runs under the generic user tdatuser.
- The UDF runs in the client user context of the associated security authorization object created for this purpose, which is contained within the same database as the procedure.
- If you specify an authorization name, you must define an authorization object with that name before you can invoke the procedure.
- If you do not specify an authorization name, you must define a default DEFINER authorization object.
- The default authorization object must be defined before a user can run the procedure.
- Teradata Database reports a warning if the specified authorization name does not exist at the time the procedure is created, stating that no authorization name exists.
- If you then attempt to execute the procedure, the request aborts and the system returns an error to the requestor.
- An optional authorization name for this DEFINER as defined by CREATE AUTHORIZATION.
- The procedure runs using the INVOKER authorization associated with the logged on user who is running the function.