Skip to main contentSkip to search
Powered by Zoomin Software. For more details please contactZoomin
Progress DocumentationProgress Documentation
Progress Documentation
  • Home
  • Home
  • EnglishČeštinaDeutsch (Germany)Español (Spain)Français (France)Italiano (Italy)Português (Brasil)日本語Русский (Russia)中文 (简体) (China)中文 (繁體, 台灣) (Taiwan)ar-AR
  • Login

Progress DataDirect for ODBC for Apache Spark SQL Wire Protocol User's Guide Release 8.0.2

Summary of security-related options

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
Table of Contents
  • Welcome to the Progress DataDirect for ODBC for Apache Spark SQL Wire Protocol Driver
    • What's new in this release?
    • Driver requirements
    • ODBC compliance
    • Version string information
      • getFileVersionString function
    • Data types
      • Retrieving data type information
    • Additional information
    • Troubleshooting
    • Contacting Technical Support
  • Getting started
    • Configuring and connecting on Windows
      • Configuring a data source
      • Testing the connection
    • Configuring and connecting on UNIX and Linux
      • Environment configuration
      • Test loading the driver
      • Configuring a data source in the system information file
      • Testing the connection
  • Tutorials
    • The Example application
    • Microsoft Excel (Windows only)
  • Using the driver
    • Configuring and connecting to data sources
      • Configuring the product on UNIX/Linux
        • Environment variables
          • Library search path
          • ODBCINI
          • ODBCINST
          • DD_INSTALLDIR
        • The test loading tool
        • Data source configuration on UNIX/Linux
          • Configuration through the system information (odbc.ini) file
            • Sample default odbc.ini file
        • DSN-less connections
          • Sample odbcinst.ini file
        • File data sources
        • UTF-16 applications on UNIX and Linux
      • Data source configuration through a GUI
        • Advanced tab
        • Security tab
      • Using a connection string
      • Password Encryption Tool (UNIX/Linux only)
      • Using a logon dialog box
    • Performance considerations
    • Using security
      • Authentication
        • Kerberos authentication
      • Data encryption across the network
      • TLS/SSL encryption
        • Certificates
        • TLS/SSL server authentication
        • TLS/SSL client authentication
        • Generating TLS/SSL certificates using OpenSSL 3.5-compliant algorithms
        • Designating an OpenSSL library
      • Summary of security-related options
    • HTTP mode
    • Azure Databricks Spark clusters
    • SQL support
    • Binding parameter markers
    • Materialized views
    • Stored procedures
    • Isolation and lock levels supported
    • Number of connections and statements supported
    • Unicode support
    • Using arrays of parameters
    • Compatibility with Apache Hive
  • Connection option descriptions
    • Array Size
    • Authentication Method
    • Cookie Name
    • Crypto Protocol Version
    • CryptoLibName
    • Data Source Name
    • Database Name
    • Default Buffer Size for Long/LOB Columns (in Kb)
    • Description
    • Enable Cookie Authentication
    • Enable FIPS
    • Enable SQLDescribeParam
    • Encryption Method
    • GSS Client Library
    • Host Name
    • Host Name In Certificate
    • HTTP Path
    • IANAAppCodePage
    • Key Password
    • Key Store
    • Key Store Password
    • Login Timeout
    • Max String Size
    • Min Long Varchar Size
    • OpenSSLConfigFile
    • OpenSSLProviderPath
    • Password
    • PortNumber
    • PRNGSeedFile
    • PRNGSeedSource
    • Proxy User
    • Remove Column Qualifiers
    • Service Principal Name
    • SSLLibName
    • String Describe Type
    • TCP Keep Alive
    • Transaction Mode
    • Transport Mode
    • Trust Store
    • Trust Store Password
    • Use Current Schema for Catalog Functions
    • Use Native Catalog Functions
    • User Agent
    • User Name
    • Validate Server Certificate
    • Varchar Threshold
  • SQL functionality
    • Data Definition Language (DDL)
    • Selecting data with the driver
      • Select list
        • Column name qualification
    • From clause
    • Group By clause
    • Having clause
    • Order By clause
    • For Update clause
    • Set operators
    • Subqueries
    • SQL expressions
      • Constants
      • Numeric operators
      • Character operator
      • Relational operators
      • Logical operators
      • Functions
  • Copyright
Table of Contents

Summary of security-related options

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: April 8, 2026
  • 1 minute read
    • DataDirect Connectors
    • ODBC
    • Apache Spark SQL 8.0
    • Documentation

The following tables summarizes how security-related connection options work with the drivers. See Connection option descriptions or click on the option name for details about configuring the options.

Table 1. Summary: User ID/Password Authentication Connection Options
Option Description Default
User ID/Password Authentication
Authentication Method If set to 0 (User ID/Password), the driver sends the user ID in clear text and an encrypted password to the server for authentication.

If set to 4 (Kerberos Authentication), the driver uses Kerberos authentication. This method supports both Windows Active Directory Kerberos and MIT Kerberos environments.

If set to -1 (No Authentication), the driver sends the user ID and password in clear text to the server for authentication.

0 (User ID/Password)
Proxy User Specifies the UserID used for HiveServer2 Impersonation and HiveServer2 Trusted Impersonation. None
User Name The default user ID used to connect to your database. None
Additional options for session cookie based authentication (HTTP Mode only)
Cookie Name Specifies the name of the cookie used for authenticating HTTP requests when HTTP mode (TransportMode=1) and session cookie based authentication are enabled (EnableCookieAuthentication=1). When preparing an HTTP request to the server, the driver will not attempt to reauthenticate if a valid cookie is present. hive.server2.auth
Enable Cookie Authentication

Determines whether the driver attempts to use session cookie based authentication for requests to an HTTP endpoint after the initial authentication to the server. Cookie based authentication improves response time by eliminating the need to re-authenticate with the server for each request.

If set to 0 (Disabled), the driver does not use cookie based authentication for HTTP requests after the initial authentication.

If set to 1 (Enabled), the driver attempts to use cookie based authentication for requests to an HTTP endpoint after the initial authentication to the server. The cookie used for authentication is specified by the Cookie Name option. If the name does not match, or authentication fails, the driver attempts to authenticate using user ID and password authentication.

1 (Enabled)
Table 2. Summary: Kerberos Authentication Connection Options
Option Description Default
Authentication Method If set to 0 (User ID/Password), the driver sends the user ID in clear text and an encrypted password to the server for authentication.

If set to 4 (Kerberos Authentication), the driver uses Kerberos authentication. This method supports both Windows Active Directory Kerberos and MIT Kerberos environments.

If set to -1 (No Authentication), the driver sends the user ID and password in clear text to the server for authentication.

0 (User ID/Password)
GSS Client Library The name of the GSS client library that the driver uses to communicate with the Key Distribution Center (KDC). native
Proxy User Specifies the UserID used for HiveServer2 Impersonation and HiveServer2 Trusted Impersonation. None
Service Principal Name The service principal name to be used by driver for Kerberos authentication. None
User Name The default user ID used to connect to your database. None
Table 3. Summary: Data Encryption Connection Options
Option Description Default
Crypto Protocol Version Specifies a comma-separated list of the cryptographic protocols to use when SSL is enabled using the Encryption Method connection option (EncryptionMethod=1). TLSv1.2, TLSv1.3
CryptoLibName The absolute path for the OpenSSL library file containing the cryptographic library to be used by the data source or connection when SSL is enabled. The cryptograpic library contains the implementations of cryptographic algorithms the driver uses for data encryption. Empty string
Enable FIPS Determines whether the OpenSSL library uses cryptographic algorithms from the FIPS provider or the default provider when TLS/SSL encryption is enabled (Encryption Method=1).

If disabled, the OpenSSL library uses cryptographic algorithms from the default provider.

If enabled, the OpenSSL library uses cryptographic algorithms from the FIPS provider.

 Default: Disabled
Encryption Method If set to 0 (No Encryption), data is not encrypted.

If set to 1 (SSL), data is encrypted using the SSL protocols specified in the Crypto Protocol Version connection option.

0 (No Encryption)
Host Name In Certificate A host name for certificate validation when SSL encryption is enabled and validation is enabled. None
Key Password Specifies the password used to access the individual keys in the keystore file when SSL is enabled (Encryption Method=1) and SSL client authentication is enabled on the database server. None
Key Store The name of the directory containing the keystore file to be used when SSL is enabled (Encryption Method=1) and SSL client authentication is enabled on the database server. None
Key Store Password The password used to access the keystore file when SSL is enabled (Encryption Method=1) and SSL client authentication is enabled on the database server. None
PRNGSeedFile

(UNIX and Linux only)

 Specifies the absolute path for the entropy-source file or device used as a seed for SSL key generation. /dev/random
PRNGSeedSource

(UNIX and Linux only)

 Specifies the source of the seed the driver uses for SSL key generation. Seeds are a pseudorandom or random value used to set the initial state of the random number generator used to generate SSL keys. Using seeds with a higher level of entropy, or randomness, provides a more secure transmission of data encrypted using SSL. 0 (File)
SSLLibName The absolute path for the OpenSSL library file containing the SSL library to be used by the data source or connection when SSL is enabled. The SSL library contains the implementations of SSL protocols the driver uses for data encryption. Empty string
Trust Store The directory that contains the truststore file and the truststore file name to be used when SSL is enabled and server authentication is used. None
Trust Store Password Specifies the password that is used to access the truststore file when SSL is enabled and server authentication is used. None
Validate Server Certificate If set to 1 (Enabled), the driver validates the certificate that is sent by the database server. Any certificate from the server must be issued by a trusted CA in the truststore file. If the Host Name In Certificate option is specified, the driver also validates the certificate using a host name.

If set to 0 (Disabled), the driver does not validate the certificate that is sent by the database server. The driver ignores any truststore information specified by the Trust Store and Trust Store Password options.

1 (Enabled)
TitleResults for “How to create a CRG?”Also Available inAlert