On Mon, 24 Nov 2025 00:40:47 +0200, Binyamin Dissen <[email protected]> wrote:
>DB2 query - is there a way to give a specific permission for a user to SET >CURRENT SQLID to another user without special privileges? Something thru the >surrogate class? I researched (never implemented) this for a project and found that DB2 secondary authorization id's are implemented through a DB2 user exit. Maybe someone has used it but if not, the doc is https://www.ibm.com/docs/en/db2-for-zos/13.0.0?topic=applications-using-secondary-ids-sign-requests I suspect you could implement it using SUROGAT but I suspect there must be a reason why IBM chose RACF groups. Hopefully someone has some real experience. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
