DB2 provides an authorization ID for the execution of a Natural stored procedure or Natural UDF to control access to non-SQL resources with an external security product, such as RACF. The NDB server stub uses this authorization ID to perform an implicit LOGON within the Natural session created for the Natural stored procedure or the Natural UDF. So, if the Natural stored procedure or Natural UDF is to be executed in a Natural Security environment, ensure that the authorization ID used has been defined in the FSEC file.
As shown in the table below, the authorization DB2 provides depend on the definition of the SECURITY attribute specified for the Natural stored procedure or UDF:
SECURITY Attribute | DB2 Authorization ID of: |
---|---|
DB2 | The address space in which the Natural stored procedure or Natural UDF is executed. |
USER | The process (caller) that invokes the Natural stored procedure or Natural UDF |
DEFINER | The owner of the Natural stored procedure or UDF. |