Set up Row Level LBAC



You must log into the database as Pat before proceeding with this page.

In previous pages, SECADM Pat created security labels. Now, the security labels need to be granted to users accordingly so that they can access their own regional 'dailysales' table data.

Operation


SECADM grants security labels to users with the GRANT SECURITY LABEL command.

Solution


The query results in the right pane show that SECADM Pat grants:





When a user tries to access 'dailysales' table data, DB2 compares the user's security label with the row's security label. Access will be given to the user only if the security labels match. Otherwise an empty result set will be returned.