Switching users of a trusted connection

When a trusted connection is established, Db2 enables the trusted connection to be reused by a different user on a transaction boundary.

You can reuse a trusted connection at a local Db2 subsystem by using RRSAF, the DSN command processor under TSO, DB2I, and the SQL CONNECT statement with the USER and USING clauses. To reuse the trusted connection, you must add the specific user to the trusted context. If you specify 'PUBLIC' as the user, Db2 allows the trusted connection to be used by any authorization ID; the trusted connection can be used by a different user with or without authentication. However, you can require authentication by specifying the WITH AUTHENTICATION clause.

You can use RRSAF, the DSN command processor under TSO, and DB2I to switch to a new user on a trusted connection without authentication. If authentication is required, you can use the SQL CONNECT statement with the USER and USING clauses. The SQL CONNECT semantics prevent the use of CONNECT TO with the USER and USING clauses to switch authorization IDs on a remote connection.