In order to implement security, I created a view F4211 in another library staging in the following way:
I granted access to a user for this view but the user says he is facing problems with the privilege error when he attempts to access the view.
CREATE VIEW STAGING.F4211 AS SELECT * FROM PROD.F4211 WHERE SDKCOO='12345'
Could you please let me know if I need to grant access to F4211 in prod library also? However, if I do that there will be a loophole, as the user will be able to access all data.
One last thing to mention is that the user does not have any privileges on prod library. I would like to fix this user's problem with the priviledge error without enabling this user to access all data.
As long as you do not give the user *OBJOPR object authority to the physical file, they will only be able to access the data via the view. If the user attempts to get the data from the physical file, it will fail.
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
The UPPWEI field corresponds to the password expiration interval field, and its values "0" and "-1" represent the *SYSVAL and *NOXMAX commands. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.