PostgreSQL User Impersonation Configuration

Note: This is a technology preview feature only. It is being made available to allow you to test and provide feedback on this new capability; however, this feature is not intended for production use and it is not supported as such. Furthermore, Micro Focus does not guarantee that this feature will be delivered at a GA level and if it is, then the functionality provided might differ considerably from this technology preview.

To find the appropriate database user credentials for CICS transactions or batch jobs, the EDB PostgreSQL XA switch module executes a SET SESSION AUTHORIZATION statement. For this call to work properly, your xa_open string user must be a superuser. This enables the xa_open user ID to impersonate the appropriate database user ID.

The following is provided as a simple example. Your security and database environment might dictate a different implementation. Please review the PostgreSQL documentation on this and other related topics before implementing your solution:

  1. Create the user cited in the xa_open string:
    CREATE ROLE XAOPENUSER SUPERUSER LOGIN PASSWORD 'xxxxxx'
  2. Create the user FRITZ to execute CICS or JCL:
    CREATE ROLE FRITZ LOGIN PASSWORD 'xxxxxx'
  3. Create a schema for FRITZ:
    CREATE SCHEMA FRITZ AUTHORIZATION FRITZ