PostgreSQL User Impersonation Configuration

Attention: This topic applies to a feature that is in Early Adopter Program (EAP) release status. We intend to provide the finalized feature in a future release. Please contact Micro Focus Customer Care if you require further clarification.

To find the appropriate database user credentials for CICS transactions or batch jobs, the EDB PostgreSQL XA switch module executes a SET SESSION AUTHORIZATION statement. For this call to work properly, your xa_open string user must be a superuser. This enables the xa_open user ID to impersonate the appropriate database user ID.

The following is provided as a simple example. Your security and database environment might dictate a different implementation. Please review the PostgreSQL documentation on this and other related topics before implementing your solution:

  1. Create the user cited in the xa_open string: 
    CREATE ROLE XAOPENUSER SUPERUSER LOGIN PASSWORD 'xxxxxx'
  2. Create the user FRITZ to execute CICS or JCL: 
    CREATE ROLE FRITZ LOGIN PASSWORD 'xxxxxx'
  3. Create a schema for FRITZ: 
    CREATE SCHEMA FRITZ AUTHORIZATION FRITZ
Parent topic: User Impersonation for CICS and JCL