PostgreSQL User Impersonation Configuration

To find the appropriate database user credentials for CICS transactions or batch jobs, the PostgreSQL XA switch module executes a SET SESSION AUTHORIZATION statement. For this call to work properly, your xa_open string user must be a superuser. This enables the xa_open user ID to impersonate the appropriate database user ID.

The following is provided as a simple example. Your security and database environment might dictate a different implementation. Please review the PostgreSQL documentation on this and other related topics before implementing your solution:

  1. Create the user cited in the xa_open string: 
    CREATE ROLE XAOPENUSER SUPERUSER LOGIN PASSWORD 'xxxxxx'
  2. Create the user FRITZ to execute CICS or JCL: 
    CREATE ROLE FRITZ LOGIN PASSWORD 'xxxxxx'
  3. Create a schema for FRITZ: 
    CREATE SCHEMA FRITZ AUTHORIZATION FRITZ
Parent topic: User Impersonation for CICS and JCL