Greenplum Connection Details¶
Introduction¶
Connector Version
This documentation is based on version 23.0.8936 of the connector.
Get Started¶
Greenplum Version Support
The connector enables standards-based access to Greenplum databases version 4.3.0 and later.
Establish a Connection¶
Connect to Greenplum¶
To connect to Greenplum, set the Server
, Port
(the default port is 5432), and Database
connection properties and set the User
and Password
you want to use to authenticate to the server. If the Database
property is not specified, the connector connects to the user's default database (it is the same name as the user).
Authenticate to Greenplum¶
The Greenplum connector supports the md5, password, Kerberos and SASL (particulary, SCRAM-SHA-256) authentication methods.
The specific authentication method is setup in the pg_hba.conf file on the Greenplum Server. You can find instructions about authentication setup on the Greenplum Server here. The md5, password and SASL authentication methods do not require additional setup by the Greenplum connector.
Kerberos¶
The Greenplum Server initiates authentication with the Kerberos Server when the Greenplum connector attempts a connection. You need to setup Kerberos on the Greenplum Server to activate this authentication method. After you have Kerberos authentication setup on the Greenplum Server, see Using Kerberos for details on how to authenticate with Kerberos by the connector.
Use Kerberos¶
Kerberos¶
Authenticating to Greenplum via Kerberos requires you to define authentication properties and to choose how Kerberos should retrieve authentication tickets.
Retrieve Kerberos Tickets¶
Kerberos tickets are used to authenticate the requester's identity. The use of tickets instead of formal logins/passwords eliminates the need to store passwords locally or send them over a network. Users are reauthenticated (tickets are refreshed) whenever they log
in at their local computer or enter kinit USER
at the command prompt.
The connector provides three ways to retrieve the required Kerberos ticket, depending on whether or not the KRB5CCNAME
and/or KerberosKeytabFile
variables exist in your environment.
MIT Kerberos Credential Cache File
This option enables you to use the MIT Kerberos Ticket Manager or kinit
command to get tickets. With this option there is no need to set the User
or Password
connection properties.
This option requires that KRB5CCNAME
has been created in your system.
To enable ticket retrieval via MIT Cerberos Credential Cache Files:
- Ensure that the
KRB5CCNAME
variable is present in your environment. - Set
KRB5CCNAME
to a path that points to your credential cache file. (For example,C:\krb_cache\krb5cc_0
or/tmp/krb5cc_0
.) The credential cache file is created when you use the MIT Kerberos Ticket Manager to generate your ticket. -
To obtain a ticket:
- Open the MIT Kerberos Ticket Manager application.
- Click
Get Ticket
. - Enter your principal name and password.
- Click
OK
.
If the ticket is successfully obtained, the ticket information appears in Kerberos Ticket Manager and is stored in the credential cache file.
The connector uses the cache file to obtain the Kerberos ticket to connect to Greenplum.
Note
If you would prefer not to edit KRB5CCNAME
, you can use the KerberosTicketCache
property to set the file path manually. After this is set, the connector uses the specified cache file to obtain the Kerberos ticket to connect to Greenplum.
Keytab File
If your environment lacks the KRB5CCNAME
environment variable, you can retrieve a Kerberos ticket using a Keytab File.
To use this method, set the User
property to the desired username, and set the KerberosKeytabFile
property to a file path pointing to the keytab file associated with the user.
User and Password
If your environment lacks the KRB5CCNAME
environment variable and the KerberosKeytabFile
property has not been set, you can retrieve a ticket using a user and password combination.
To use this method, set the User
and Password
properties to the user/password combination that you use to authenticate with Greenplum.
Enable Cross-Realm Authentication¶
More complex Kerberos environments can require cross-realm authentication where multiple realms and KDC servers are used. For example, they might use one realm/KDC for user authentication, and another realm/KDC for obtaining the service ticket.
To enable this kind of cross-realm authentication, set the KerberosRealm
and KerberosKDC
properties to the values required for user authentication. Also, set the KerberosServiceRealm
and KerberosServiceKDC
properties to the values required to obtain the service ticket.
Important Notes¶
Configuration Files and Their Paths¶
- All references to adding configuration files and their paths refer to files and locations on the Jitterbit agent where the connector is installed. These paths are to be adjusted as appropriate depending on the agent and the operating system. If multiple agents are used in an agent group, identical files will be required on each agent.
Advanced Features¶
This section details a selection of advanced features of the Greenplum connector.
SSL Configuration
Use SSL Configuration to adjust how connector handles TLS/SSL certificate negotiations. You can choose from various certificate formats; see the SSLServerCert
property under "Connection String Options" for more information.
Proxy
To configure the connector using Private Agent proxy settings, select the Use Proxy Settings
checkbox on the connection configuration screen.
SSL Configuration¶
Customize the SSL Configuration¶
By default, the connector attempts to negotiate SSL/TLS by checking the server's certificate against the system's trusted certificate store.
To specify another certificate, see the SSLServerCert
property for the available formats to do so.
Client SSL Certificates¶
The Greenplum connector also supports setting client certificates. Set the following to connect using a client certificate.
SSLClientCert
: The name of the certificate store for the client certificate.SSLClientCertType
: The type of key store containing the TLS/SSL client certificate.SSLClientCertPassword
: The password for the TLS/SSL client certificate.SSLClientCertSubject
: The subject of the TLS/SSL client certificate.
Advanced Configurations Properties¶
The advanced configurations properties are the various options that can be used to establish a connection. This section provides a complete list of the options you can configure. Click the links for further details.
Property | Description |
---|---|
Server | The host name or IP address of the server. |
Port | The port number of the Greenplum server. |
Database | The name of the Greenplum database. |
User | The Greenplum user account used to authenticate. |
Password | The password used to authenticate the user. |
UseSSL | This field sets whether SSL is enabled. |
Property | Description |
---|---|
KerberosKDC | The Kerberos Key Distribution Center (KDC) service used to authenticate the user. |
KerberosRealm | The Kerberos Realm used to authenticate the user. |
KerberosSPN | The service principal name (SPN) for the Kerberos Domain Controller. |
KerberosKeytabFile | The Keytab file containing your pairs of Kerberos principals and encrypted keys. |
KerberosServiceRealm | The Kerberos realm of the service. |
KerberosServiceKDC | The Kerberos KDC of the service. |
KerberosTicketCache | The full file path to an MIT Kerberos credential cache file. |
Property | Description |
---|---|
SSLClientCert | The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL). |
SSLClientCertType | The type of key store containing the TLS/SSL client certificate. |
SSLClientCertPassword | The password for the TLS/SSL client certificate. |
SSLClientCertSubject | The subject of the TLS/SSL client certificate. |
SSLServerCert | The certificate to be accepted from the server when connecting using TLS/SSL. |
Property | Description |
---|---|
SSHAuthMode | The authentication method used when establishing an SSH Tunnel to the service. |
SSHClientCert | A certificate to be used for authenticating the SSHUser. |
SSHClientCertPassword | The password of the SSHClientCert key if it has one. |
SSHClientCertSubject | The subject of the SSH client certificate. |
SSHClientCertType | The type of SSHClientCert private key. |
SSHServer | The SSH server. |
SSHPort | The SSH port. |
SSHUser | The SSH user. |
SSHPassword | The SSH password. |
SSHServerFingerprint | The SSH server fingerprint. |
UseSSH | Whether to tunnel the Greenplum connection over SSH. Use SSH. |
Property | Description |
---|---|
Location | A path to the directory that contains the schema files defining tables, views, and stored procedures. |
BrowsableSchemas | This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA, SchemaB, SchemaC. |
Tables | This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA, TableB, TableC. |
Views | Restricts the views reported to a subset of the available tables. For example, Views=ViewA, ViewB, ViewC. |
Property | Description |
---|---|
AllowPreparedStatement | Prepare a query statement before its execution. |
FetchResultSetMetadata | This field sets whether the provider retrieves metadata pertaining to the schema and table name for resultset columns returned by the server. |
MaxRows | Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses. |
Other | These hidden properties are used only in specific use cases. |
QueryPassthrough | This option passes the query to the Greenplum server as is. |
SupportUnboundedColumns | When this property is set, the provider reports Int32.MaxValue as the size of the columns of data type 'bytea' and 'text'. |
Timeout | The value in seconds until the timeout error is thrown, canceling the operation. |
Authentication¶
This section provides a complete list of authentication properties you can configure.
Property | Description |
---|---|
Server | The host name or IP address of the server. |
Port | The port number of the Greenplum server. |
Database | The name of the Greenplum database. |
User | The Greenplum user account used to authenticate. |
Password | The password used to authenticate the user. |
UseSSL | This field sets whether SSL is enabled. |
Server¶
The host name or IP address of the server.
Data Type¶
string
Default Value¶
""
Remarks¶
The host name or IP of the server hosting the Greenplum Database. If not set, the default value "localhost" is used.
Port¶
The port number of the Greenplum server.
Data Type¶
string
Default Value¶
5432
Remarks¶
The port number of the Server hosting the Greenplum Database. If not specified, the default port number 5432 is used.
Database¶
The name of the Greenplum database.
Data Type¶
string
Default Value¶
""
Remarks¶
The database to connect to when connecting to the Greenplum Server. If a database is not provided, the user's default database will be used.
User¶
The Greenplum user account used to authenticate.
Data Type¶
string
Default Value¶
""
Remarks¶
Together with Password, this field is used to authenticate against the Greenplum server.
Password¶
The password used to authenticate the user.
Data Type¶
string
Default Value¶
""
Remarks¶
The User and Password
are together used to authenticate with the server.
UseSSL¶
This field sets whether SSL is enabled.
Data Type¶
bool
Default Value¶
false
Remarks¶
This field sets whether the connector will attempt to negotiate TLS/SSL connections to the server. By default, the connector checks the server's certificate against the system's trusted certificate store. To specify another certificate, set SSLServerCert.
Kerberos¶
This section provides a complete list of Kerberos properties you can configure.
Property | Description |
---|---|
KerberosKDC | The Kerberos Key Distribution Center (KDC) service used to authenticate the user. |
KerberosRealm | The Kerberos Realm used to authenticate the user. |
KerberosSPN | The service principal name (SPN) for the Kerberos Domain Controller. |
KerberosKeytabFile | The Keytab file containing your pairs of Kerberos principals and encrypted keys. |
KerberosServiceRealm | The Kerberos realm of the service. |
KerberosServiceKDC | The Kerberos KDC of the service. |
KerberosTicketCache | The full file path to an MIT Kerberos credential cache file. |
KerberosKDC¶
The Kerberos Key Distribution Center (KDC) service used to authenticate the user.
Data Type¶
string
Default Value¶
""
Remarks¶
The Kerberos properties are used when using SPNEGO or Windows Authentication. The connector will request session tickets and temporary session keys from the Kerberos KDC service. The Kerberos KDC service is conventionally colocated with the domain controller.
If Kerberos KDC is not specified, the connector will attempt to detect these properties automatically from the following locations:
KRB5 Config File (krb5.ini/krb5.conf)
: If the KRB5_CONFIG environment variable is set and the file exists, the connector will obtain the KDC from the specified file. Otherwise, it will attempt to read from the default MIT location based on the OS:C:\ProgramData\MIT\Kerberos5\krb5.ini
(Windows) or/etc/krb5.conf
(Linux).Java System Properties
: Using the system propertiesjava.security.krb5.realm
andjava.security.krb5.kdc
.Domain Name and Host
: If the Kerberos Realm and Kerberos KDC could not be inferred from another location, the connector will infer them from the configured domain name and host.
Note
Windows authentication is supported in JRE 1.6 and above only.
KerberosRealm¶
The Kerberos Realm used to authenticate the user.
Data Type¶
string
Default Value¶
""
Remarks¶
The Kerberos properties are used when using SPNEGO or Windows Authentication. The Kerberos Realm is used to authenticate the user with the Kerberos Key Distribution Service (KDC). The Kerberos Realm can be configured by an administrator to be any string, but conventionally it is based on the domain name.
If Kerberos Realm is not specified, the connector will attempt to detect these properties automatically from the following locations:
KRB5 Config File (krb5.ini/krb5.conf)
: If the KRB5_CONFIG environment variable is set and the file exists, the connector will obtain the default realm from the specified file. Otherwise, it will attempt to read from the default MIT location based on the OS:C:\ProgramData\MIT\Kerberos5\krb5.ini
(Windows) or/etc/krb5.conf
(Linux)Java System Properties
: Using the system propertiesjava.security.krb5.realm
andjava.security.krb5.kdc
.Domain Name and Host
: If the Kerberos Realm and Kerberos KDC could not be inferred from another location, the connector will infer them from the user-configured domain name and host. This might work in some Windows environments.
Note
Kerberos-based authentication is supported in JRE 1.6 and above only.
KerberosSPN¶
The service principal name (SPN) for the Kerberos Domain Controller.
Data Type¶
string
Default Value¶
""
Remarks¶
If the SPN on the Kerberos Domain Controller is not the same as the URL that you are authenticating to, use this property to set the SPN.
KerberosKeytabFile¶
The Keytab file containing your pairs of Kerberos principals and encrypted keys.
Data Type¶
string
Default Value¶
""
Remarks¶
The Keytab file containing your pairs of Kerberos principals and encrypted keys.
KerberosServiceRealm¶
The Kerberos realm of the service.
Data Type¶
string
Default Value¶
""
Remarks¶
The KerberosServiceRealm
is the specify the service Kerberos realm when using cross-realm Kerberos authentication.
In most cases, a single realm and KDC machine are used to perform the Kerberos authentication and this property is not required.
This property is available for complex setups where a different realm and KDC machine are used to obtain an authentication ticket (AS request) and a service ticket (TGS request).
KerberosServiceKDC¶
The Kerberos KDC of the service.
Data Type¶
string
Default Value¶
""
Remarks¶
The KerberosServiceKDC
is used to specify the service Kerberos KDC when using cross-realm Kerberos authentication.
In most cases, a single realm and KDC machine are used to perform the Kerberos authentication and this property is not required.
This property is available for complex setups where a different realm and KDC machine are used to obtain an authentication ticket (AS request) and a service ticket (TGS request).
KerberosTicketCache¶
The full file path to an MIT Kerberos credential cache file.
Data Type¶
string
Default Value¶
""
Remarks¶
This property can be set if you wish to use a credential cache file that was created using the MIT Kerberos Ticket Manager or kinit command.
SSL¶
This section provides a complete list of SSL properties you can configure.
Property | Description |
---|---|
SSLClientCert | The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL). |
SSLClientCertType | The type of key store containing the TLS/SSL client certificate. |
SSLClientCertPassword | The password for the TLS/SSL client certificate. |
SSLClientCertSubject | The subject of the TLS/SSL client certificate. |
SSLServerCert | The certificate to be accepted from the server when connecting using TLS/SSL. |
SSLClientCert¶
The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL).
Data Type¶
string
Default Value¶
""
Remarks¶
The name of the certificate store for the client certificate.
The SSLClientCertType field specifies the type of the certificate store specified by SSLClientCert
. If the store is password protected, specify the password in SSLClientCertPassword.
SSLClientCert
is used in conjunction with the SSLClientCertSubject field in order to specify client certificates. If SSLClientCert
has a value, and SSLClientCertSubject is set, a search for a certificate is initiated. See SSLClientCertSubject for more information.
Designations of certificate stores are platform-dependent.
The following are designations of the most common User and Machine certificate stores in Windows:
Property | Description |
---|---|
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
SPC | Software publisher certificates. |
In Java, the certificate store normally is a file containing certificates and optional private keys.
When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (for example, PKCS12 certificate store).
SSLClientCertType¶
The type of key store containing the TLS/SSL client certificate.
Possible Values¶
USER
, MACHINE
, PFXFILE
, PFXBLOB
, JKSFILE
, JKSBLOB
, PEMKEY_FILE
, PEMKEY_BLOB
, PUBLIC_KEY_FILE
, PUBLIC_KEY_BLOB
, SSHPUBLIC_KEY_FILE
, SSHPUBLIC_KEY_BLOB
, P7BFILE
, PPKFILE
, XMLFILE
, XMLBLOB
Data Type¶
string
Default Value¶
USER
Remarks¶
This property can take one of the following values:
Property | Description |
---|---|
USER - default | For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note that this store type is not available in Java. |
MACHINE | For Windows, this specifies that the certificate store is a machine store. Note that this store type is not available in Java. |
PFXFILE | The certificate store is the name of a PFX (PKCS12) file containing certificates. |
PFXBLOB | The certificate store is a string (base-64-encoded) representing a certificate store in PFX (PKCS12) format. |
JKSFILE | The certificate store is the name of a Java key store (JKS) file containing certificates. Note that this store type is only available in Java. |
JKSBLOB | The certificate store is a string (base-64-encoded) representing a certificate store in JKS format. Note that this store type is only available in Java. |
PEMKEY_FILE | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
PEMKEY_BLOB | The certificate store is a string (base64-encoded) that contains a private key and an optional certificate. |
PUBLIC_KEY_FILE | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
PUBLIC_KEY_BLOB | The certificate store is a string (base-64-encoded) that contains a PEM- or DER-encoded public key certificate. |
SSHPUBLIC_KEY_FILE | The certificate store is the name of a file that contains an SSH-style public key. |
SSHPUBLIC_KEY_BLOB | The certificate store is a string (base-64-encoded) that contains an SSH-style public key. |
P7BFILE | The certificate store is the name of a PKCS7 file containing certificates. |
PPKFILE | The certificate store is the name of a file that contains a PuTTY Private Key (PPK). |
XMLFILE | The certificate store is the name of a file that contains a certificate in XML format. |
XMLBLOB | The certificate store is a string that contains a certificate in XML format. |
SSLClientCertPassword¶
The password for the TLS/SSL client certificate.
Data Type¶
string
Default Value¶
""
Remarks¶
If the certificate store is of a type that requires a password, this property is used to specify that password to open the certificate store.
SSLClientCertSubject¶
The subject of the TLS/SSL client certificate.
Data Type¶
string
Default Value¶
*
Remarks¶
When loading a certificate the subject is used to locate the certificate in the store.
If an exact match is not found, the store is searched for subjects containing the value of the property. If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks the first certificate in the certificate store.
The certificate subject is a comma separated list of distinguished name fields and values. For example, "CN=www.server.com, OU=test, C=US, E=support@company.com". The common fields and their meanings are shown below.
Field | Meaning |
---|---|
CN | Common Name. This is commonly a host name like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma, it must be quoted.
SSLServerCert¶
The certificate to be accepted from the server when connecting using TLS/SSL.
Data Type¶
string
Default Value¶
""
Remarks¶
If using a TLS/SSL connection, this property can be used to specify the TLS/SSL certificate to be accepted from the server. Any other certificate that is not trusted by the machine is rejected.
This property can take the following forms:
Description | Example |
---|---|
A full PEM Certificate (example shortened for brevity) | -----BEGIN CERTIFICATE----- MIIChTCCAe4CAQAwDQYJKoZIhv......Qw== -----END CERTIFICATE----- |
A path to a local file containing the certificate | C:\\cert.cer |
The public key (example shortened for brevity) | -----BEGIN RSA PUBLIC KEY----- MIGfMA0GCSq......AQAB -----END RSA PUBLIC KEY----- |
The MD5 Thumbprint (hex values can also be either space or colon separated) | ecadbdda5a1529c58a1e9e09828d70e4 |
The SHA1 Thumbprint (hex values can also be either space or colon separated) | 34a929226ae0819f2ec14b4a3d904f801cbb150d |
If not specified, any certificate trusted by the machine is accepted.
Certificates are validated as trusted by the machine based on the System's trust store. The trust store used is the 'javax.net.ssl.trustStore' value specified for the system. If no value is specified for this property, Java's default trust store is used (for example, JAVA_HOME\lib\security\cacerts).
Use '*' to signify to accept all certificates. Note that this is not recommended due to security concerns.
SSH¶
This section provides a complete list of SSH properties you can configure.
Property | Description |
---|---|
SSHAuthMode | The authentication method used when establishing an SSH Tunnel to the service. |
SSHClientCert | A certificate to be used for authenticating the SSHUser. |
SSHClientCertPassword | The password of the SSHClientCert key if it has one. |
SSHClientCertSubject | The subject of the SSH client certificate. |
SSHClientCertType | The type of SSHClientCert private key. |
SSHServer | The SSH server. |
SSHPort | The SSH port. |
SSHUser | The SSH user. |
SSHPassword | The SSH password. |
SSHServerFingerprint | The SSH server fingerprint. |
UseSSH | Whether to tunnel the Greenplum connection over SSH. Use SSH. |
SSHAuthMode¶
The authentication method used when establishing an SSH Tunnel to the service.
Possible Values¶
None
, Password
, Public_Key
Data Type¶
string
Default Value¶
Password
Remarks¶
- None: No authentication is performed. The current User value is ignored, and the connection is logged in as anonymous.
- Password: The connector uses the values of User and Password to authenticate the user.
- Public_Key: The connector uses the values of User and SSHClientCert to authenticate the user. SSHClientCert must have a private key available for this authentication method to succeed.
SSHClientCert¶
A certificate to be used for authenticating the SSHUser.
Data Type¶
string
Default Value¶
""
Remarks¶
SSHClientCert
must contain a valid private key in order to use public key authentication. A public key is optional, if one is not included then the connector generates it from the private key. The connector sends the public key to the server and the connection is allowed if the user has authorized the public key.
The SSHClientCertType field specifies the type of the key store specified by SSHClientCert
. If the store is password protected, specify the password in SSHClientCertPassword.
Some types of key stores are containers which may include multiple keys. By default the connector will select the first key in the store, but you can specify a specific key using SSHClientCertSubject.
SSHClientCertPassword¶
The password of the SSHClientCert key if it has one.
Data Type¶
string
Default Value¶
""
Remarks¶
This property is only used when authenticating to SFTP servers with SSHAuthMode set to PublicKey and SSHClientCert set to a private key.
SSHClientCertSubject¶
The subject of the SSH client certificate.
Data Type¶
string
Default Value¶
*
Remarks¶
When loading a certificate the subject is used to locate the certificate in the store.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks the first certificate in the certificate store.
The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=example@jbexample.com". Common fields and their meanings are displayed below.
Field | Meaning |
---|---|
CN | Common Name. This is commonly a host name like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma it must be quoted.
SSHClientCertType¶
The type of SSHClientCert private key.
Possible Values¶
USER
, MACHINE
, PFXFILE
, PFXBLOB
, JKSFILE
, JKSBLOB
, PEMKEY_FILE
, PEMKEY_BLOB
, PPKFILE
, PPKBLOB
, XMLFILE
, XMLBLOB
Data Type¶
string
Default Value¶
PEMKEY_FILE
Remarks¶
This property can take one of the following values:
Types | Description | Allowed Blob Values |
---|---|---|
MACHINE/USER | Not available on this platform. | Blob values are not supported. |
JKSFILE/JKSBLOB | A Java keystore file. Must contain both a certificate and a private key. Only available in Java. | base64-only |
PFXFILE/PFXBLOB | A PKCS12-format (.pfx) file. Must contain both a certificate and a private key. | base64-only |
PEMKEY_FILE/PEMKEY_BLOB | A PEM-format file. Must contain an RSA, DSA, or OPENSSH private key. Can optionally contain a certificate matching the private key. | base64 or plain text. Newlines may be replaced with spaces when providing the blob as text. |
PPKFILE/PPKBLOB | A PuTTY-format private key created using the puttygen tool. | base64-only |
XMLFILE/XMLBLOB | An XML key in the format generated by the .NET RSA class: RSA.ToXmlString(true) . | base64 or plain text. |
SSHServer¶
The SSH server.
Data Type¶
string
Default Value¶
""
Remarks¶
The SSH server.
SSHPort¶
The SSH port.
Data Type¶
string
Default Value¶
22
Remarks¶
The SSH port.
SSHUser¶
The SSH user.
Data Type¶
string
Default Value¶
""
Remarks¶
The SSH user.
SSHPassword¶
The SSH password.
Data Type¶
string
Default Value¶
""
Remarks¶
The SSH password.
SSHServerFingerprint¶
The SSH server fingerprint.
Data Type¶
string
Default Value¶
""
Remarks¶
The SSH server fingerprint.
UseSSH¶
Whether to tunnel the Greenplum connection over SSH. Use SSH.
Data Type¶
bool
Default Value¶
false
Remarks¶
By default the connector will attempt to connect directly to Greenplum. When this option is enabled, the connector will instead establish an SSH connection with the SSHServer and tunnel the connection to Greenplum through it.
Schema¶
This section provides a complete list of schema properties you can configure.
Property | Description |
---|---|
Location | A path to the directory that contains the schema files defining tables, views, and stored procedures. |
BrowsableSchemas | This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA, SchemaB, SchemaC. |
Tables | This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA, TableB, TableC. |
Views | Restricts the views reported to a subset of the available tables. For example, Views=ViewA, ViewB, ViewC. |
Location¶
A path to the directory that contains the schema files defining tables, views, and stored procedures.
Data Type¶
string
Default Value¶
%APPDATA%\Greenplum Data Provider\Schema
Remarks¶
The path to a directory which contains the schema files for the connector (.rsd files for tables and views, .rsb files for stored procedures). The folder location can be a relative path from the location of the executable. The Location
property is only needed if you want to customize definitions (for example, change a column name, ignore a column, and so on) or extend the data model with new tables, views, or stored procedures.
If left unspecified, the default location is "%APPDATA%\Greenplum Data Provider\Schema" with %APPDATA%
being set to the user's configuration directory:
Platform | %APPDATA% |
---|---|
Windows | The value of the APPDATA environment variable |
Mac | ~/Library/Application Support |
Linux | ~/.config |
BrowsableSchemas¶
This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC.
Data Type¶
string
Default Value¶
""
Remarks¶
Listing the schemas from databases can be expensive. Providing a list of schemas in the connection string improves the performance.
Tables¶
This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC.
Data Type¶
string
Default Value¶
""
Remarks¶
Listing the tables from some databases can be expensive. Providing a list of tables in the connection string improves the performance of the connector.
This property can also be used as an alternative to automatically listing views if you already know which ones you want to work with and there would otherwise be too many to work with.
Specify the tables you want in a comma-separated list. Each table should be a valid SQL identifier with any special characters escaped using square brackets, double-quotes or backticks. For example, Tables=TableA,[TableB/WithSlash],WithCatalog.WithSchema.`TableC With Space`.
Note that when connecting to a data source with multiple schemas or catalogs, you will need to provide the fully qualified name of the table in this property, as in the last example here, to avoid ambiguity between tables that exist in multiple catalogs or schemas.
Views¶
Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC.
Data Type¶
string
Default Value¶
""
Remarks¶
Listing the views from some databases can be expensive. Providing a list of views in the connection string improves the performance of the connector.
This property can also be used as an alternative to automatically listing views if you already know which ones you want to work with and there would otherwise be too many to work with.
Specify the views you want in a comma-separated list. Each view should be a valid SQL identifier with any special characters escaped using square brackets, double-quotes or backticks. For example, Views=ViewA,[ViewB/WithSlash],WithCatalog.WithSchema.`ViewC With Space`.
Note that when connecting to a data source with multiple schemas or catalogs, you will need to provide the fully qualified name of the table in this property, as in the last example here, to avoid ambiguity between tables that exist in multiple catalogs or schemas.
Miscellaneous¶
This section provides a complete list of miscellaneous properties you can configure.
Property | Description |
---|---|
AllowPreparedStatement | Prepare a query statement before its execution. |
FetchResultSetMetadata | This field sets whether the provider retrieves metadata pertaining to the schema and table name for resultset columns returned by the server. |
MaxRows | Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses. |
Other | These hidden properties are used only in specific use cases. |
QueryPassthrough | This option passes the query to the Greenplum server as is. |
SupportUnboundedColumns | When this property is set, the provider reports Int32.MaxValue as the size of the columns of data type 'bytea' and 'text'. |
Timeout | The value in seconds until the timeout error is thrown, canceling the operation. |
AllowPreparedStatement¶
Prepare a query statement before its execution.
Data Type¶
bool
Default Value¶
true
Remarks¶
If the AllowPreparedStatement
property is set to false, statements are parsed each time they are executed. Setting this property to false can be useful if you are executing many different queries only once.
If you are executing the same query repeatedly, you will generally see better performance by leaving this property at the default, true. Preparing the query avoids recompiling the same query over and over. However, prepared statements also require the connector to keep the connection active and open while the statement is prepared.
FetchResultSetMetadata¶
This field sets whether the provider retrieves metadata pertaining to the schema and table name for resultset columns returned by the server.
Data Type¶
bool
Default Value¶
false
Remarks¶
By default, the connector will not request that the server provides detailed information about resultset columns like the table name or schema name. It requires issuing additional metadata queries via connector , and it may affect query performance essentially in some scenarios. Consider setting this property to True when you need such detailed descriptive information for the resultset columns.
MaxRows¶
Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses.
Data Type¶
int
Default Value¶
-1
Remarks¶
Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses.
Other¶
These hidden properties are used only in specific use cases.
Data Type¶
string
Default Value¶
""
Remarks¶
The properties listed below are available for specific use cases. Normal driver use cases and functionality should not require these properties.
Specify multiple properties in a semicolon-separated list.
Integration and Formatting¶
Property | Description |
---|---|
DefaultColumnSize | Sets the default length of string fields when the data source does not provide column length in the metadata. The default value is 2000. |
ConvertDateTimeToGMT | Determines whether to convert date-time values to GMT, instead of the local time of the machine. |
RecordToFile=filename | Records the underlying socket data transfer to the specified file. |
QueryPassthrough¶
This option passes the query to the Greenplum server as is.
Data Type¶
bool
Default Value¶
true
Remarks¶
When this is set, queries are passed through directly to Greenplum.
SupportUnboundedColumns¶
When this property is set, the provider reports Int32.MaxValue as the size of the columns of data type 'bytea' and 'text'.
Data Type¶
bool
Default Value¶
true
Remarks¶
When false, columns of data type 'text' will report a size of DefaultColumnSize.
Timeout¶
The value in seconds until the timeout error is thrown, canceling the operation.
Data Type¶
int
Default Value¶
30
Remarks¶
If Timeout
= 0, operations do not time out. The operations run until they complete successfully or until they encounter an error condition.
If Timeout
expires and the operation is not yet complete, the connector throws an exception.