PROXY Mechanism | Teradata Vantage - PROXY Mechanism - Advanced SQL Engine - Teradata Database

Security Administration
Product
Advanced SQL Engine
Teradata Database
Release Number
17.05
17.00
Published
September 2020
Language
English (United States)
Last Update
2021-01-23
dita:mapPath
ied1556235912841.ditamap
dita:ditavalPath
lze1555437562152.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantageā„¢

The PROXY mechanism supports user logons through Unity, acting as a proxy for the authentication mechanism in effect at logon and passing user credential information to connected Teradata Vantage systems.

PROXY appears in the TdgssLibraryConfigFile.xml for all installations of Vantage, however, to make a configuration change to PROXY, you must manually copy the mechanism from the TdgssLibraryConfigFile.xml and add it to the TDGSS configuration file.

By default, the MechanismEnabled property is set to yes in the TDGSS version of the TdgssLibraryConfigFile.xml.
<Mechanism Name="PROXY"
            ObjectId="1.3.6.1.4.1.28698.4.302.1.2"
            LibraryName="gssp2proxy"
            Prefix="Proxy"
            InterfaceType="custom">
            <MechanismProperties
                AuthenticationSupported="yes"
                AuthorizationSupported="yes"
                SingleSignOnSupported="no"
                DefaultMechanism="no"
                MechanismEnabled="yes"
                MechanismRank="80"
                GenerateCredentialFromLogon="yes"
                DelegateCredentials="no"
                MutualAuthentication="yes"
                ReplayDetection="yes"
                OutOfSequenceDetection="yes"
                ConfidentialityDesired="yes"
                IntegrityDesired="yes"
                AnonymousAuthentication="no"
                DesiredContextTime=""
                DesiredCredentialTime=""
                CredentialUsage="0"
                DHKeyP2048="8AB3F86E8D374B782F31DAD5F27D6AFDA30150C11A20CF6346712AE2D2C6B70A5B79D45D4C0C232A065B207B121B2C33E147B5983C38A1087F272703B0B839CBA6F71C5D0EB51EC890934EACF2C7DD2A1DF6F55E89B145A0359D35EF8FB6C561E157B13FF927A35E69963648614902B1034EF71197F545DEF3236244EADAE0689E624CF1245953630AE042BD797C4025E37C51D9F6CBDA0B2278FA7D5CA2D9CA930BE2968330C811A4BA4D0845333C0D62E3EE742154F6B62F2951CD8C73C43B5AA1C7819DEF1D7C9314411E465F8E4796666594AADE0AEB3F1256E5719E7AE54DD34FFDA949634E4A293C5BC60AF258BB9FE558086E83B3DD3D7491966DEE93"
DHKeyG2048="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005"
                ProxySupported="yes"
                CertificateFile=""
                PrivateKeyFile=""
                PrivateKeyPassword=""
                PrivateKeyPasswordProtected="no"
                CACertFile=""
                CACertDir=""
                SigningHashAlgorithm="SHA256"
                />
            <MechQop Value="Default">
                AES-K128_GCM_PKCS5Padding_SHA2_DH-K2048
                AES-K128_CBC_PKCS5Padding_SHA1_DH-K2048
                AES-K192_GCM_PKCS5Padding_SHA2_DH-K2048
                AES-K192_CBC_PKCS5Padding_SHA1_DH-K2048
                AES-K256_GCM_PKCS5Padding_SHA2_DH-K2048
                AES-K256_CBC_PKCS5Padding_SHA1_DH-K2048
            </MechQop>
        </Mechanism>