Granting privileges for accessing distributed data

Some time after the system and database administrators at Spiffy Computer Company implement their security plan, the company president tells them that other applications on other systems must connect to the local Db2 subsystem. She wants people at every location to be able to access bowling scores through PROGRAM1 on the local subsystem.

The administrators perform the following steps to enable access from all Spiffy locations:

1. Add a CONNECT statement to the program, naming the location at which table PRODCTN.T1 resides. In this case, the table and the package reside at only the central location.
2. Issue the following statement so that PKA01, who has PACKADM authority, can grant the required privileges to DEVGROUP:

   GRANT CREATE IN COLLECTION BOWLS TO DEVGROUP;

3. Bind the SQL statements in PROGRAM1 as a package.
4. Bind the SQL statements in PROGRAM1 as a package by the package owner:

   GRANT EXECUTE ON PACKAGE PROGRAM1 TO PUBLIC;

Results

Any system that is connected to the original Db2 location can run PROGRAM1 and execute the package by using DRDA access. However, if the remote system is another Db2, a plan must be bound there that includes the package in its package list.