Friday, 6 November 2015

IBM BPM on z/Linux - DB2 on z/OS - Permissions will still get you, every single time

A colleague of mine was seeing exceptions such as: -

[11/6/15 15:18:15:361 CET] 00000097 ProcessEngine E   DB2 SQL Error: SQLCODE=-551, SQLSTATE=42501, SQLERRMC=ZBDBU;SELECT;SYSIBM.SYSTABLES, DRIVER=4.15.120

com.ibm.db2.jcc.am.SqlException: DB2 SQL Error: SQLCODE=-516, SQLSTATE=26501, SQLERRMC=null, DRIVER=4.15.120

Caused by: com.ibm.db2.jcc.am.SqlSyntaxErrorException: DB2 SQL Error: SQLCODE=-551, SQLSTATE=42501, SQLERRMC=ZBDBU;SELECT;SYSIBM.SYSTABLES, DRIVER=4.15.120
at com.ibm.db2.jcc.am.fd.a(fd.java:696)

in SystemOut.log when starting an IBM BPM Advanced 8.5.6.0 Deployment Environment on z/Linux ( with DB on z/OS, for the record ).

I suggested that it might be permissions-related given that he was getting SQLCODE=-551, which translates into DB2 speak as: -

SQL0551N  The statement failed because the authorization ID does not
      have the required authorization or privilege to perform the
      operation. Authorization ID: "<authorization-ID>". Operation:
      "<operation>". Object: "<object-name>".


and I wondered whether the problem might be that the BPM Deployment Environment is using an ID in DB2 that doesn't have the appropriate permissions to tables/indexes/views etc.

He checked with the DBA, who ran a GRANT command: -

grant select to ZBDBU

which fixed the problem.

Thanks to this: -


for a reminder.

No comments: