Enyinnaya
asked on
DB2 ROLE and Trusted Context definition not Working...What am I doing Wrong? Please advise..
Hi all,
I am desperately seeking answers to this DB2 table access problem. I have defined the following ROLE and Trusted Context objects in my DB2 z/OS environment:
CREATE ROLE ROLE1;
GRANT SELECT ON TABLE TABLE_NAME TO ROLE1;
CREATE TRUSTED CONTEXT TC_SELECT
BASED UPON CONNECTION USING SYSTEM AUTHID USERID_1
ATTRIBUTES (ADDRESS '9.30.131.203')
DEFAULT ROLE ROLE1
ENABLE
WITH USE FOR USERID_1 WITH AUTHENTICATION;
Using query monitor, when my user USERID_1 execute his program, I find that access is denied and with the following SQLCODE -551 - "<authorization-ID>" does not have the privilege to perform operation "<operation>" on object "<name>", SQLCODE=-551, SQLSTATE=42501.
The application is being executed from a Windows Server 2008 to access a table on DB2 9 on Z/OS machine.
Can someone please point out what I am doing wrong or what I am missing with my setup? Do I need any other GRANT in this scenario?
Thank in advance for your help...
I am desperately seeking answers to this DB2 table access problem. I have defined the following ROLE and Trusted Context objects in my DB2 z/OS environment:
CREATE ROLE ROLE1;
GRANT SELECT ON TABLE TABLE_NAME TO ROLE1;
CREATE TRUSTED CONTEXT TC_SELECT
BASED UPON CONNECTION USING SYSTEM AUTHID USERID_1
ATTRIBUTES (ADDRESS '9.30.131.203')
DEFAULT ROLE ROLE1
ENABLE
WITH USE FOR USERID_1 WITH AUTHENTICATION;
Using query monitor, when my user USERID_1 execute his program, I find that access is denied and with the following SQLCODE -551 - "<authorization-ID>" does not have the privilege to perform operation "<operation>" on object "<name>", SQLCODE=-551, SQLSTATE=42501.
The application is being executed from a Windows Server 2008 to access a table on DB2 9 on Z/OS machine.
Can someone please point out what I am doing wrong or what I am missing with my setup? Do I need any other GRANT in this scenario?
Thank in advance for your help...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks all...you all kind of was close to what appears to be the issue...for now it appears there is a missing PTF for ACF2 before it can support trusted context.
ASKER
The application is interacting with DB2 z/OS via JDBC driver. The application request is reaching the DB2 entry point but is being rejected (SQLCODE=-551) as not having the authority to perform (in this case a SELECT) on the database table.
As the following actual error message shows, the connection is rejected for lack of SELECT privilege:
Using query monitor, I find that access is denied and with the following SQLCODE -551 - "<authorization-ID>" does not have the privilege to perform operation "<operation>" on object "<name>", SQLCODE=-551, SQLSTATE=42501.
The application is being executed from a Windows Server 2008 to access a table on DB2 9 on Z/OS machine.
I am curious if I am missing anything given the code definitions as shown at the beginning of this thread.
Thanks