What happens if a resource is not granted but resource group is defined? I.E say CADB2 is defined, but the CONNECT.AUTH.USERID is not granted? Will it prevent access to bacth? What happens if CADB2 is not defined? Will it prevent access to the resource?
Release : 20.0
Component : Execution Manager
If resource is not granted then the functionality that resource is being checked for will not work. This include if CADB2 is not defined. SAF-based security resource checks are required for the following product features and functions: Batch Processor interface exit processing for BPAEXIT1 to permit use of Db2 secondary IDs. Explain functions in Plan Analyer.
To permit users to execute these functions and components using SAF-based resource checks, complete the following steps:
Define the CADB2 resource class name.
(CADB2 is predefined in ACF2).
Permit READ access for the user. The following entities can be specified:
Permits the use of Db2 secondary IDs with the Batch Processor .AUTH command(BPAEXIT).
Permits use of the EXPLAIN functions in Plan Analyzer, where userid is the value that is specified in the Primary AUTHID explain option.