Online Documentation for SQL Manager for DB2

Creating/editing security policy


Use the Edit tab of Security Policy Editor to create/edit a security policy and specify its definition.

 

Security Policy Editor - Editing security policy definition

 

 

Name

Type the security policy name in this field.

 

CheckBox Override not authorized write the specified security label

Indicates that the insert or update operation will fail if the user is not authorized to write the explicitly specified security label that is provided in the INSERT or UPDATE statement.

 

CheckBox Use role auth

If the option is enabled, all security labels and exemptions granted to roles of which the user authorization ID is a direct or indirect member will be considered. Security labels and exemptions granted to roles for which membership is only accessible through the groups associated with the user authorization ID will not be considered.

 

CheckBox Use group auth

If the option is enabled, all security labels and exemptions granted to groups associated with the user authorization ID will be considered. Security labels and exemptions granted to roles for which membership is only accessible through the groups associated with the user authorization ID will not be considered.

 

Note: If both group and role authorizations are enabled, any security labels and exemptions granted to roles accessible to the user indirectly through groups associated with the user authorization ID will be considered.

 

 

The Components area allows you to select security label components.

To select a security label component, you need to move it from the Available components list to the Selected components list. Use the Move all to Selected Move to Selected Move to Available Move all to Available buttons or drag-and-drop operations to move the security label components from one list to another.