WebSphere Enterprise Service Bus for z/OS, Version 6.2.0 Operating Systems: z/OS


Granting table privileges to the J2C authentication alias user ID

If the schema name you are using is not the same as the J2C authentication alias user ID you must grant a sub-set of DB2® privileges to the J2C authentication alias user ID.

About this task

The DDL for the Service Integration Bus already contains commented GRANT commands that you can use as a basis for granting access to the SIB tables. However, the other WebSphere® ESB for z/OS® components do not supply any GRANT statements.

Use a schema name that is not the same as the J2C authentication alias to prevent the alias user ID having the power to drop tables. (The power to drop tables is implicitly granted to the creator, that is, the schema.) Note that it does not make sense to grant a privilege like DBADM to the J2C authentication alias user ID because DBADM also has the ability to DROP tables.

If you want the WebSphere ESB to function while not allowing the alias user ID to have DROP capability, create some GRANT statements by copying the DDL and editing it to construct GRANT commands from the CREATE commands. Create GRANT commands like:
GRANT ALL PRIVILEGES ON TABLE
cell.tablename TO userid/sqlid

Where userid/sqlid is the J2C authentication alias user ID.


task Task topic

Terms of use | Feedback


Timestamp icon Last updated: 21 June 2010


http://publib.boulder.ibm.com/infocenter/dmndhelp/v6r2mx/topic//com.ibm.websphere.wesb620.zseries.doc/doc/tins_zos_db2_priv_j2c.html
Copyright IBM Corporation 2005, 2010. All Rights Reserved.
This information center is powered by Eclipse technology (http://www.eclipse.org).