Query Bands and Trusted Requests
You can set the TrustOnly flag for a trusted user by specifying the WITH TRUST_ONLY option with a GRANT CONNECT THROUGH request.
When you commit or roll back a transaction, Vantage removes its query band and any proxy user who was set with a query band for that transaction. Because you cannot control these actions by setting the TrustOnly flag, set a session query band to set the TrustOnly flag when the query band must be in effect for longer than a single transaction.
Query Bands, Trusted Sessions, and Multiple-Statement Requests
The following rules apply to query bands, trusted sessions, and multiple-statement requests.
- As is true for non-trusted sessions, a transaction query band must be the first statement specified in a multiple-statement request.
- If PROXYUSER and PROXYROLE are set in a query band, then Vantage enforces the privileges defined for the trusted session to validate the privileges of the individual statements in a multiple-statement request.
- With the following exceptions, the trusted session privileges are not enforced in a multiple-statement request.
- When the transaction query band is specified using a ? parameter in a Java or ODBC program.
- In macros and procedures. See Query Bands, Trusted Sessions, and Roles.