Rules for switching the user ID on a trusted connection

Specific rules apply to switching users on a trusted connection. Use the following rules to preserve security and auditing capability for trusted connections that are used by multiple users.

Table 1. Rules for switching users on a trusted connection, and potential errors related to the rules.
| Switching rule | Related errors |
|---|---|
| The switch request must be made on a transaction boundary. If the switch request is not made on a transaction boundary, the system rolls back the transaction, sends the switch request to the server for processing, drops the connection, and then returns an error message. | SQLCODE -30020 |
| The switch request must not come from within a stored procedure. If the switch request is made from within a stored procedure, the system returns an error message indicating an invalid operation in the environment. The system does not drop the connection and can process subsequent requests. | SQLCODE -30090 |
| The switch request must come from a user ID that is allowed on the trusted connection. If the switch request is made with an authorization ID that is not allowed on the trusted connection, the system drops the connection and returns an error message. | SQLCODE -32509 |
| Trusted-connection requests from user IDs that require authentication to switch must provide a correct authentication token (password). If the trusted-context object requires authentication to switch the user ID, but the appropriate authentication token is not provided in the connection, the system drops the connection and returns an error message. | SQLCODE -26456 |
| The trusted-context object used for a trusted connection must be enabled when a switch request is made. If the trusted-context object associated with the trusted connection is dropped or disabled and a switch request for that trusted connection is made, the system drops the connection and returns an error message. | SQLCODE -26456 |
| The new, switched user ID must hold CONNECT privileges to the database. If the switch request is made with a user ID allowed on the trusted connection but that user ID does not hold CONNECT privilege on the database, then the system returns an error message, but does not drop the connection. | SQLCODE -387 |

If the connection is dropped because of any of the issues previously described, the system accepts only the following requests:
  • A COMMIT statement
  • A ROLLBACK SQL statement
  • A DISCONNECT request
  • A CONNECT request
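
The rules in Table 1 can be mirrored on the client side, for example in a connection pool that reuses one trusted connection for many users. The following Python sketch is an added example, not product code: the class and method names are hypothetical, the SQLCODEs and their outcomes are taken from Table 1, and treating an unrecognized SQLCODE as a dropped connection is an assumption made to fail closed.

```python
# Added example: client-side model of the switch-user rules in Table 1.
# SQLCODE -> (connection dropped?, rule that was violated), as listed in Table 1.
SWITCH_ERRORS = {
    -30020: (True, "switch not on a transaction boundary; transaction rolled back"),
    -30090: (False, "switch requested from within a stored procedure"),
    -32509: (True, "authorization ID not allowed on the trusted connection"),
    -26456: (True, "authentication token not provided, or trusted context dropped/disabled"),
    -387: (False, "switched user ID lacks CONNECT privilege on the database"),
}
ALLOWED_AFTER_DROP = {"COMMIT", "ROLLBACK", "DISCONNECT", "CONNECT"}


class TrustedConnectionState:
    """Tracks whether a pooled trusted connection can still be used (hypothetical helper)."""

    def __init__(self):
        self.dropped = False
        self.in_transaction = False
        self.audit = []  # (user, sqlcode, reason) for every failed switch

    def may_switch(self):
        # Only switch on a transaction boundary; otherwise the server rolls
        # back the open transaction and drops the connection (-30020).
        return not self.dropped and not self.in_transaction

    def record_switch_result(self, user, sqlcode):
        """Apply the SQLCODE of a switch request; return True if the connection is usable."""
        if sqlcode == 0:
            return not self.dropped
        # Assumption: an SQLCODE outside Table 1 is treated as a drop (fail closed).
        dropped, reason = SWITCH_ERRORS.get(sqlcode, (True, "unrecognized SQLCODE"))
        self.audit.append((user, sqlcode, reason))
        if dropped:
            self.dropped = True
            self.in_transaction = False
        return not self.dropped

    def may_send(self, request):
        # After a drop, only the four requests listed above are accepted.
        if not self.dropped:
            return True
        words = request.split()
        return bool(words) and words[0].upper() in ALLOWED_AFTER_DROP
```

A pool would call `may_switch()` before handing the connection to the next user and keep the `audit` entries for -32509 and -26456, which indicate a switch attempted with a disallowed ID or without valid authentication.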