To query a user's surrogate authority, you can use the QUERY SECURITY
command with the RESCLASS('SURROGAT') option. You also need to specify the
RESID and RESIDLENGTH options. The RESID value you should provide is described
in
RESID values. However, this command is
not controlled by the XUSER system initialization parameter, so you might
obtain an unexpected response of NOTREADABLE if XUSER=NO has been specified.
For example, to check whether the current user is allowed to start a transaction
with a new userid of NEWUSER, when XUSER=YES is specified, issue the command:
QUERY SECURITY RESCLASS('SURROGAT') RESID('NEWUSER.DFHSTART')
RESIDLENGTH(16) READ(read cvda)