Security of UDTs is maintained through normal SQL GRANT and
REVOKE statements via a simple extension. You can define the level
of access to both native and externally hosted UDTs.
Grants for persistent user defined types are persisted into the
SYS_GRANTS table. Grants on temporary user defined types are
in-memory only and are lost (together with the temporary user
defined type definition) when the server is restarted.
There are two GRANT/REVOKE types for UDTs as follows:
EXECUTE - all methods
and members of a class are accessible to the grantee.
UNDER - the grantee can
create subclasses of the class.
GRANT/REVOKE EXECUTE on <user_defined_type>
GRANT/REVOKE UNDER on <user_defined_type>
SQL modules, user defined types and SQL stored procedures are
exposed to GRANT/REVOKE in the same namespace, therefore care must
be taken avoid inadvertently granting to multiple objects at the