home clear 64x64
en blue 200x116 de orange 200x116 info letter User
suche 36x36
Latest versionsfixlist
11.1.0.7 FixList
10.5.0.9 FixList
10.1.0.6 FixList
9.8.0.5 FixList
9.7.0.11 FixList
9.5.0.10 FixList
9.1.0.12 FixList
Have problems? - contact us.
Register for free anmeldung-x26
Contact form kontakt-x26

DB2 - Problem description

Problem IT21754 Status: Closed

SQL5193N RECEIVED ON WORKLOAD ASSIGNMENT WHEN ROLE IS INHERITEDFROM A
TRUSTED CONTEXT

product:
DB2 FOR LUW / DB2FORLUW / B10 - DB2
Problem description:
If USAGE to a workload is granted to a ROLE that is inherited
from a trusted context, that role is ignored during workload
assignment and applications using that role can receive:

SQL5193N  The current session user does not have usage privilege
on any enabled workloads.


For example, assume that a role APP_USER has the following
privileges:

CONNECT ON DATABASE
USAGE ON WORKLOAD SYSDEFAULTWORKLOAD
DATAACCESS ON DATABASE
EXECUTE ON PACKAGE "NULLID"."SQLC8G06"
EXECUTE ON PACKAGE "NULLID"."SQLC8H06"

Then the following trusted context is created:

CREATE TRUSTED CONTEXT APP_SERVER
  BASED UPON CONNECTION USING SYSTEM AUTHID APPCON
  ATTRIBUTES (ADDRESS 'xxxx.xxx.xxx' WITH ENCRYPTION 'NONE',
              ADDRESS 'yyyy.yyy.yyy' WITH ENCRYPTION 'NONE',
              ADDRESS 'zzzz.zzz.zzz' WITH ENCRYPTION 'NONE')
  DEFAULT ROLE APP_USER
  ENABLE
  WITH USE FOR PUBLIC
  WITHOUT AUTHENTICATION;

Finally, all privileges are revoked from the workload
SYSDEFAULTWORKLOAD except for the role APP_USER.

Any application connecting to the database using the trusted
context will receive
SQL5193N when trying to use the workload SYSDEFAULTWORKLOAD.


If if usage is explicitly granted to the workload, for example:

GRANT USAGE ON WORKLOAD SYSDEFAULTUSERWORKLOAD TO PUBLIC (or
TESTUSR)

then all works fine.

So the trusted context role is not checked by WLM during
workload assignment.
Problem Summary:
****************************************************************
* USERS AFFECTED:                                              *
* Users using Workload Manager                                 *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* See Error Description                                        *
****************************************************************
* RECOMMENDATION:                                              *
* upgrade to DB2 Version 11 Mod 2 Fix pack 2                   *
****************************************************************
Local Fix:
Grant usage on Workloads to public or the users requiring the
access such as:
GRANT USAGE ON WORKLOAD SYSDEFAULTUSERWORKLOAD TO PUBLIC
Solution


Workaround


Grant usage on Workloads to public or the users requiring the
access such as:
GRANT USAGE ON WORKLOAD SYSDEFAULTUSERWORKLOAD TO PUBLIC


BUG-Tracking


forerunner  : IT17348 
follow-up : 


Timestamps


Date  - problem reported    :
Date  - problem closed      :
Date  - last modified       :

03.08.2017
11.10.2017
11.10.2017


Problem solved at the following versions (IBM BugInfos)




Problem solved according to the fixlist(s) of the following version(s)