16.10 - About Session Processing for Trusted Sessions - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

After you set up trusted sessions, logons by end-users proceed as follows:

  1. An application defined as a trusted user logs on to Teradata Database as a permanent database user, and creates a connection pool.
  2. An application end user (defined as a proxy user) logs on and is authenticated by the application.
  3. The proxy user requests a service that requires access to Teradata Database.
  4. The application gets a connection from the pool and issues a SET QUERY_BAND, which identifies the PROXYUSER and sets the role and query band duration, establishing a trusted session.
  5. The database authorizes proxy user privileges in the database based on the role(s) assigned to the user.
  6. Teradata Database records the proxy user identity in all access and query log entries.
  7. A trusted session persists for the life of the query band.