In the following section, we will explain how to create a database in Virtual DataPort.
There are two types of databases depending on the method used to authenticate users:
Internal authentication: the database relies in the Virtual DataPort access control, which means that the users that access Virtual DataPort have to be created in Virtual DataPort. See section Creating a Database with Internal Authentication.
LDAP authentication: the database delegates the authentication of users to an LDAP server. See section Creating a Database with LDAP Authentication.
The authentication type of the database does not matter if the client connects to Virtual DataPort using Kerberos authentication. The reason is that in this case, the privileges granted to the user will depend on the roles obtained for this user, from the LDAP server selected in the Kerberos configuration dialog (see section Setting-Up the Kerberos Authentication in the Virtual DataPort Server).
For both types of databases, you can configure the following settings:
Enable or disable the support for Unicode identifiers.
Enable or disable the automatic cost-based optimization.
Enable or disable the automatic simplification of queries.
Enable or disable the summary rewrite optimization.
If you select Default for any of these options, the database will use at all times the current value configured for this Virtual DataPort server. For example, if in a database you set the “automatic cost-based optimization” to “Default” and this feature is disabled globally (see the global value of this feature in the dialog “Queries Optimization” of the menu Administration > Server configuration), it will be also be disabled for this database. If later you enable this feature globally, it will be also enabled for this database without you having to change the specific configuration of the database.
Enforcing Kerberos Authentication
Regarding applications that use the Denodo ODBC driver to connect to Virtual DataPort:
By default, these applications can choose to use Kerberos authentication or user/password. It is up to how the users configure the connection.
Select Use Kerberos/OAuth authentication for ODBC connections… to force incoming ODBC connections to use Kerberos or OAuth authentication. In this case, if a client application tries to open a connection to this database with user/password, the connection will fail.
Regarding applications that use the PostgreSQL ODBC driver to connect to Virtual DataPort (e.g. Tableau):
Select this check box if you want applications that use the PostgreSQL driver to use Kerberos authentication to establish the connection with this database. These applications will not be able to use user/password.
Clear this check box if you want applications that use the PostgreSQL driver to use user/password to establish the connection with this database. These applications will not be able to use Kerberos authentication.
Creating a Database with Internal Authentication¶
To create a database with internal authentication, click Database management on the Administration menu. In this dialog, click New database. Enter this:
Name of the database.
Description of the database (optional).
Identifiers charset: if you select Default, the database will use the setting configured for the entire Server (see Identifiers Charset).
Authentication type: Internal user.
Click Ok to create the database.
When a user tries to connect to this database, Virtual DataPort will check the credentials of this user with the “list” of users created in Virtual DataPort. These users are the ones created in the “User Management” dialog (see section Creating Users).
Creating a Database with LDAP Authentication¶
A database with LDAP authentication delegates the authentication of users to an LDAP server. The benefit over the Internal authentication is that you rely on an LDAP server such as Microsoft Windows Active Directory to authenticate users. This simplifies the management of users and their privileges. You can get more details about how to create a database with LDAP authentication in the section LDAP Authentication.