A metadata-bound library
is a physical library that is tied to a corresponding metadata object.
The CREATE statement of the AUTHLIB procedure generates a new metadata
object and binds the physical library to that object.
Each physical table
within a metadata-bound library has information in its header that
points to a specific metadata object (a secured table object). The
pointer creates a security binding between the physical table and
the metadata object. The binding ensures that SAS universally enforces
metadata-layer permission requirements for the physical table—regardless
of how a user requests access from SAS.
Access
from SAS to data within a metadata-bound library is provided only
if all of the following conditions are met:
-
The requesting user can connect
to the metadata server in which the corresponding object is stored.
-
The requesting user’s metadata
identity has all required metadata-layer effective permissions for
the requested action.
-
The host identity with which the
data is retrieved has all required host-layer access to the data.