DB2 10.5 for Linux, UNIX, and Windows

REVOKE (server privileges) statement

This form of the REVOKE statement revokes the privilege to access and use a specified data source in pass-through mode.

Invocation

This statement can be embedded in an application program or issued through the use of dynamic SQL statements. It is an executable statement that can be dynamically prepared only if DYNAMICRULES run behavior is in effect for the package (SQLSTATE 42509).

Authorization

The privileges held by the authorization ID of the statement must include ACCESSCTRL or SECADM authority.

Syntax

Read syntax diagramSkip visual syntax diagram
>>-REVOKE PASSTHRU ON SERVER--server-name--FROM----------------->

   .-,---------------------------------.               
   V                                   |  .-BY ALL-.   
>----+-+-------+--authorization-name-+-+--+--------+-----------><
     | +-USER--+                     |                 
     | +-GROUP-+                     |                 
     | '-ROLE--'                     |                 
     '-PUBLIC------------------------'                 

Description

SERVER server-name
Names the data source for which the privilege to use in pass-through mode is being revoked. server-name must identify a data source that is described in the catalog.
FROM
Specifies from whom the privilege is revoked.
USER
Specifies that the authorization-name identifies a user.
GROUP
Specifies that the authorization-name identifies a group name.
ROLE
Specifies that the authorization-name identifies a role name.
authorization-name,...
Lists the authorization IDs of one or more users, groups, or roles.

The list of authorization IDs cannot include the authorization ID of the user issuing the statement (SQLSTATE 42502).

PUBLIC
Revokes from PUBLIC the privilege to pass through to server-name.
BY ALL
Revokes the privilege from all named users who were explicitly granted that privilege, regardless of who granted it. This is the default behavior.

Rules

Examples