CHECKING access approval reasons

Note that an audit record might contain multiple access approval reasons, for example: access approval reason=DATAACCESS,ACCESSCTRL;. When multiple access approval reasons are present, the user must have all stated authorities and privileges in order to pass the authorization check for the attempted access.

0x00000000000000000000000000000001 ACCESS DENIED

Access is not approved; rather, it was denied.

0x00000000000000000000000000000002 SYSADM

Access is approved; the application or user has SYSADM authority.

0x00000000000000000000000000000004 SYSCTRL

Access is approved; the application or user has SYSCTRL authority.

0x00000000000000000000000000000008 SYSMAINT

Access is approved; the application or user has SYSMAINT authority.

0x00000000000000000000000000000010 DBADM

Access is approved; the application or user has DBADM authority.

0x00000000000000000000000000000020 DATABASE

Access is approved; the application or user has an explicit privilege on the database.

0x00000000000000000000000000000040 OBJECT

Access is approved; the application or user has a privilege on the object or function.

0x00000000000000000000000000000080 DEFINER

Access is approved; the application or user is the definer of the object or function.

0x00000000000000000000000000000100 OWNER

Access is approved; the application or user is the owner of the object or function.

0x00000000000000000000000000000200 CONTROL

Access is approved; the application or user has CONTROL privilege on the object or function.

0x00000000000000000000000000000400 BIND

Access is approved; the application or user has bind privilege on the package.

0x00000000000000000000000000000800 SYSQUIESCE

Access is approved; if the instance or database is in quiesce mode, the application or user may connect or attach.

0x00000000000000000000000000001000 SYSMON

Access is approved; the application or user has SYSMON authority.

0x00000000000000000000000000002000 SECADM

Access is approved; the application or user has SECADM authority.

0x00000000000000000000000000004000 SETSESSIONUSER

Access is approved; the application or user has SETSESSIONUSER authority.

0x00000000000000000000000000008000 TRUSTED_CONTEXT_MATCH

Connection attributes matched the attributes of a unique trusted context defined at the DB2® server.

0x00000000000000000000000000010000 TRUSTED_CONTEXT_USE

Access is approved to use a trusted context.

0x00000000000000000000000000020000 SQLADM

Access is approved; the application or user has SQLADM authority.

0x00000000000000000000000000040000 WLMADM

Access is approved; the application or user has WLMADM authority.

0x00000000000000000000000000080000 EXPLAIN

Access is approved; the application or user has EXPLAIN authority.

0x00000000000000000000000000100000 DATAACCESS

Access is approved; the application or user has DATAACCESS authority.

0x00000000000000000000000000200000 ACCESSCTRL

Access is approved; the application or user has ACCESSSCTRL authority.

0x00000000000000000000000000400000 CREATE_SECURE_OBJECT

Access is approved; the application or user has the SECUREOBJECTAUTH authority.