Checking authorization for executing an RRSAF application without a plan

If an RRSAF application does not have a plan, the following authorization rules are true:

• For the following types of packages, the primary or secondary authorization ID and role of the process are used for checking authorization to execute the package:
  • A local package
  • A remote package that is on a Db2 for z/OS® system and is accessed using DRDA
• At a Db2 for z/OS system, the authorization to execute the DESCRIBE TABLE statement includes checking the primary and secondary authorization IDs.
• For a double hop situation, the authorization ID that must hold the required privileges to execute SQL statements at the second server is determined as if the requester is not a Db2 for z/OS system.