This form of the REVOKE statement revokes the privilege to access and use a specified data source in pass-through mode.
This statement can be embedded in an application program or issued through the use of dynamic SQL statements. It is an executable statement that can be dynamically prepared only if DYNAMICRULES run behavior is in effect for the package (SQLSTATE 42509).
The privileges held by the authorization ID of the statement must include ACCESSCTRL or SECADM authority.
>>-REVOKE PASSTHRU ON SERVER--server-name--FROM-----------------> .-,---------------------------------. V | .-BY ALL-. >----+-+-------+--authorization-name-+-+--+--------+----------->< | +-USER--+ | | +-GROUP-+ | | '-ROLE--' | '-PUBLIC------------------------'
The list of authorization IDs cannot include the authorization ID of the user issuing the statement (SQLSTATE 42502).
REVOKE PASSTHRU ON SERVER MOUNTAIN FROM USER USER6
REVOKE PASSTHRU ON SERVER EASTWING FROM GROUP D024
The
members of group D024 will no longer be able to use their group ID
to pass through to EASTWING. But if any members have the privilege
to pass through to EASTWING under their own user IDs, they will retain
this privilege.