Procedure | Java UDFs | Teradata Vantage - Procedure - Advanced SQL Engine

Procedure | Java UDFs | Teradata Vantage - Procedure - Advanced SQL Engine - Teradata Database

SQL External Routine Programming

Product

Advanced SQL Engine

Teradata Database

Release Number

17.05

17.00

Published

June 2020

Language

English (United States)

Last Update

2021-01-24

dita:mapPath

qwr1571437338192.ditamap

dita:ditavalPath

lze1555437562152.ditaval

dita:id

B035-1147

lifecycle

Product Category

Teradata Vantage™

Here is a synopsis of the steps you take to develop, compile, install, and invoke a Java UDF. You can find details for each step in subsequent sections.

Write, test, and debug the Java source code for the UDF outside of the database and place the resulting class or classes in a JAR or ZIP file (collectively called archive files).
Call the SQLJ.INSTALL_JAR external stored procedure to register the archive file and its classes with the database, providing an SQL identifier for the JAR or ZIP file.
Files with .zip extensions are treated as .jar files, and are registered in the database as JAR objects.

Determine the level of access to operating system services that the UDF requires.

IF the UDF …	THEN …
does not access local files and does not perform any restricted actions that require special permissions	the UDF can run in protected execution mode as a thread of the Java hybrid server. Teradata Database creates one Java hybrid server for each node, and the server provides multiple threaded execution of Java external routines to all AMPs and PEs on the node. For security, the hybrid server and all of its resources, such as shared map files and events, use 'tdatuser' as the owner, a local operating system user that the Teradata Database installation process creates.
accesses local files or performs actions that ordinary operating system users have permissions for
requires access to specific resources that require special permissions	use CREATE AUTHORIZATION or REPLACE AUTHORIZATION to create a context that identifies a native operating system user and allows the UDF to access resources by using its own secure server under the authorization of that user.

IF the UDF …

THEN …

does not access local files and does not perform any restricted actions that require special permissions

the UDF can run in protected execution mode as a thread of the Java hybrid server.

Teradata Database creates one Java hybrid server for each node, and the server provides multiple threaded execution of Java external routines to all AMPs and PEs on the node.

For security, the hybrid server and all of its resources, such as shared map files and events, use 'tdatuser' as the owner, a local operating system user that the Teradata Database installation process creates.

accesses local files or performs actions that ordinary operating system users have permissions for

requires access to specific resources that require special permissions

use CREATE AUTHORIZATION or REPLACE AUTHORIZATION to create a context that identifies a native operating system user and allows the UDF to access resources by using its own secure server under the authorization of that user.

Use CREATE FUNCTION or REPLACE FUNCTION with options that provide specific information about the Java UDF.

Option	Description
LANGUAGE JAVA	Identifies the source code language of the UDF.
PARAMETER STYLE JAVA	Indicates the parameter style.
EXTERNAL NAME	Provides the registered name of the JAR or ZIP file, Java class within the JAR or ZIP file, and Java method within the class to execute when the UDF is invoked in an SQL statement.
EXTERNAL SECURITY (Optional)	Associates execution of the UDF with the context created by the CREATE AUTHORIZATION or REPLACE AUTHORIZATION statement in the previous step.

Test the UDF until you are satisfied it works correctly.
Use GRANT to grant privileges to users who are authorized to use the UDF.