Figure 2: Complete the adopted authority setup

/* Authorize application user to run application */
GRTOBJAUT OBJ(WORKAPP) OBJTYPE(*PGM) USER(APPUSER1) AUT(*EXECUTE)
 /* Authorize program owner to access DB2 table */
 GRTOBJAUT OBJ(WORKTAB) OBJTYPE(*FILE) USER(PRFWRKAPP) AUT(*CHANGE)
 RVKOBJAUT OBJ(WORKTAB) OBJTYPE(*FILE) USER(*PUBLIC) AUT(*ALL)

 /* Here is SQL version of Grant & Revoke for DB2 table */ 
GRANT ALL ON worktab TO prfwrkapp
REVOKE ALL ON worktab FROM PUBLIC