skip to main content
Using the Driver : Using Security : Summary of Security-Related Options
  

Try DataDirect Drivers Now

Summary of Security-Related Options

The following tables summarizes how security-related connection options work with the drivers. See Connection Option Descriptions for Apache Spark SQL or click on the option name for details about configuring the options.
Table 2. Summary: Authentication Connection Options
Option
Description
Default
If set to 0 (User ID/Password), the driver sends the user ID in clear text and an encrypted password to the server for authentication.
If set to -1 (No Authentication), the driver sends the user ID and password in clear text to the server for authentication.
0 (User ID/Password)
The name of the GSS client library that the driver uses to communicate with the Key Distribution Center (KDC).
native
Specifies the UserID used for HiveServer2 Impersonation and HiveServer2 Trusted Impersonation.
None
The service principal name to be used by driver for Kerberos authentication.
None
The default user ID used to connect to your database.
None
Table 3. Summary: Data Encryption Connection Options
Option
Description
Default
Determines which version of the OpenSSL library file the driver uses for data encryption.
1.1.1,1.0.2
Specifies a comma-separated list of the cryptographic protocols to use when SSL is enabled using the Encryption Method connection option (EncryptionMethod=1).
TLSv1.2, TLSv1.1, TLSv1
The absolute path for the OpenSSL library file containing the cryptographic library to be used by the data source or connection when SSL is enabled. The cryptograpic library contains the implementations of cryptographic algorithms the driver uses for data encryption.
Empty string
If set to 0 (No Encryption), data is not encrypted.
If set to 1 (SSL), data is encrypted using the SSL protocols specified in the Crypto Protocol Version connection option.
0 (No Encryption)
A host name for certificate validation when SSL encryption is enabled and validation is enabled.
None
Specifies the password used to access the individual keys in the keystore file when SSL is enabled (Encryption Method=1) and SSL client authentication is enabled on the database server.
None
The name of the directory containing the keystore file to be used when SSL is enabled (Encryption Method=1) and SSL client authentication is enabled on the database server.
None
The password used to access the keystore file when SSL is enabled (Encryption Method=1) and SSL client authentication is enabled on the database server.
None
(UNIX and Linux only)
Specifies the absolute path for the entropy-source file or device used as a seed for SSL key generation.
/dev/random
(UNIX and Linux only)
Specifies the source of the seed the driver uses for SSL key generation. Seeds are a pseudorandom or random value used to set the initial state of the random number generator used to generate SSL keys. Using seeds with a higher level of entropy, or randomness, provides a more secure transmission of data encrypted using SSL.
0 (File)
The absolute path for the OpenSSL library file containing the SSL library to be used by the data source or connection when SSL is enabled. The SSL library contains the implementations of SSL protocols the driver uses for data encryption.
Empty string
The directory that contains the truststore file and the truststore file name to be used when SSL is enabled and server authentication is used.
None
Specifies the password that is used to access the truststore file when SSL is enabled and server authentication is used.
None
If set to 1 (Enabled), the driver validates the certificate that is sent by the database server. Any certificate from the server must be issued by a trusted CA in the truststore file. If the Host Name In Certificate option is specified, the driver also validates the certificate using a host name.
If set to 0 (Disabled), the driver does not validate the certificate that is sent by the database server. The driver ignores any truststore information specified by the Trust Store and Trust Store Password options.
1 (Enabled)