CHECKING access approval reasons
The following list shows the possible CHECKING access approval reasons.
Note that an audit record might contain multiple access approval reasons, for
example: access approval reason=DATAACCESS,ACCESSCTRL;
. When multiple access
approval reasons are present, the user must have all stated authorities and privileges in order
to pass the authorization check for the attempted access.
- 0x00000000000000000000000000000001 ACCESS DENIED
- Access is not approved; rather, it was denied.
- 0x00000000000000000000000000000002 SYSADM
- Access is approved; the application or user has SYSADM authority.
- 0x00000000000000000000000000000004 SYSCTRL
- Access is approved; the application or user has SYSCTRL authority.
- 0x00000000000000000000000000000008 SYSMAINT
- Access is approved; the application or user has SYSMAINT authority.
- 0x00000000000000000000000000000010 DBADM
- Access is approved; the application or user has DBADM authority.
- 0x00000000000000000000000000000020 DATABASE
- Access is approved; the application or user has an explicit privilege on the database.
- 0x00000000000000000000000000000040 OBJECT
- Access is approved; the application or user has a privilege on the object or function.
- 0x00000000000000000000000000000080 DEFINER
- Access is approved; the application or user is the definer of the object or function.
- 0x00000000000000000000000000000100 OWNER
- Access is approved; the application or user is the owner of the object or function.
- 0x00000000000000000000000000000200 CONTROL
- Access is approved; the application or user has CONTROL privilege on the object or function.
- 0x00000000000000000000000000000400 BIND
- Access is approved; the application or user has bind privilege on the package.
- 0x00000000000000000000000000000800 SYSQUIESCE
- Access is approved; if the instance or database is in quiesce mode, the application or user may connect or attach.
- 0x00000000000000000000000000001000 SYSMON
- Access is approved; the application or user has SYSMON authority.
- 0x00000000000000000000000000002000 SECADM
- Access is approved; the application or user has SECADM authority.
- 0x00000000000000000000000000004000 SETSESSIONUSER
- Access is approved; the application or user has SETSESSIONUSER authority.
- 0x00000000000000000000000000008000 TRUSTED_CONTEXT_MATCH
- Connection attributes matched the attributes of a unique trusted context defined at the Db2® server.
- 0x00000000000000000000000000010000 TRUSTED_CONTEXT_USE
- Access is approved to use a trusted context.
- 0x00000000000000000000000000020000 SQLADM
- Access is approved; the application or user has SQLADM authority.
- 0x00000000000000000000000000040000 WLMADM
- Access is approved; the application or user has WLMADM authority.
- 0x00000000000000000000000000080000 EXPLAIN
- Access is approved; the application or user has EXPLAIN authority.
- 0x00000000000000000000000000100000 DATAACCESS
- Access is approved; the application or user has DATAACCESS authority.
- 0x00000000000000000000000000200000 ACCESSCTRL
- Access is approved; the application or user has ACCESSSCTRL authority.
- 0x00000000000000000000000000400000 CREATE_SECURE_OBJECT
- Access is approved; the application or user has the SECUREOBJECTAUTH authority.