Online Documentation for SQL Manager for DB2

Creating/editing security policy

Use the Edit tab of Security Policy Editor to create/edit a security policy and specify its definition.

Name

Type the security policy name in this field.

Override not authorized write the specified security label

Indicates that the insert or update operation will fail if the user is not authorized to write the explicitly specified security label that is provided in the INSERT or UPDATE statement.

Use role auth

If the option is enabled, all security labels and exemptions granted to roles of which the user authorization ID is a direct or indirect member will be considered. Security labels and exemptions granted to roles for which membership is only accessible through the groups associated with the user authorization ID will not be considered.

Use group auth

If the option is enabled, all security labels and exemptions granted to groups associated with the user authorization ID will be considered. Security labels and exemptions granted to roles for which membership is only accessible through the groups associated with the user authorization ID will not be considered.

Note: If both group and role authorizations are enabled, any security labels and exemptions granted to roles accessible to the user indirectly through groups associated with the user authorization ID will be considered.

The Components area allows you to select security label components.

To select a security label component, you need to move it from the Available components list to the Selected components list. Use the buttons or drag-and-drop operations to move the security label components from one list to another.