You can use WebSphere® MQ queues to authorize users to complete specific tasks against an integration node and its resources.
The queue SYSTEM.BROKER.AUTH is created when you use the mqsichangeauthmode command to enable queue-based administration security (mq mode) on the integration node. When you create an integration server on an integration node for which you have enabled queue-based administration security, the integration server authorization queue SYSTEM.BROKER.AUTH.EG is created (if it did not already exist), where EG is the name of the integration server. The SYSTEM.BROKER.DC.AUTH queue is created when you use the mqsicreatebroker command to create an integration node with an associated queue manager. For more information about these authorization queues, see Authorization queues for queue-based administration security.
You can set permissions to individual principals (user IDs), to groups of users, or both, on all platforms:
When you change permissions on a queue, the integration node accesses the updated values the next time that a request is processed. You do not have to stop and restart the integration node.
If you update user ID or group membership by using the operating system facilities on the platform on which the integration node queue manager is running, you must ensure that the queue manager is aware of these changes. Select the option Refresh Authorization Service in the WebSphere MQ Explorer to notify the queue manager of the updated status.