Setting up security
Using RACF
(R)
classes and profiles
Using RACF security classes
RACF profiles
Switch profiles
Switches and classes
How switches work
Overriding queue-sharing group level settings
Profiles to control subsystem security
Profiles to control queue-sharing group or queue manager level security
Valid combinations of switches
Resource level checks
An example of defining switches
Profiles used to control access to WebSphere MQ resources
Profiles for connection security
Connection security profiles for batch connections
Connection security profiles for CICS connections
Connection security profiles for IMS connections
Connection security profiles for the channel initiator
Profiles for queue security
Considerations for alias queues
Using alias queues to distinguish between MQGET and MQPUT requests
Considerations for model queues
Close options on permanent dynamic queues
Security and remote queues
Dead-letter queue security
System queue security
API-resource security access quick reference
Profiles for processes
Profiles for namelists
Profiles for alternate user security
Profiles for context security
Profiles for command security
Profiles for command resource security
Command resource security checking for alias queues
Command resource security checking for remote queues
Using the RESLEVEL security profile
The RESLEVEL profile
RESLEVEL and batch connections
RESLEVEL and system functions
RESLEVEL and CICS connections
User IDs checked
Completion codes
How RESLEVEL can affect the checks made
RESLEVEL and IMS connections
Completion codes
How RESLEVEL can affect the checks made
RESLEVEL and channel initiator connections
Completion codes
How RESLEVEL can affect the checks made
RESLEVEL and intra-group queuing
RESLEVEL and the user IDs checked
User IDs for security checking
User IDs for connection security
User IDs for command security and command resource security
User IDs for resource security (MQOPEN and MQPUT1)
User IDs checked for batch connections
Batch connection example
User IDs checked for CICS connections
CICS example
User IDs checked for IMS connections
User IDs used by the channel initiator
Receiving channels using TCP/IP
Receiving channels using LU 6.2
Client MQI requests
Channel initiator example
User IDs used by the intra-group queuing agent
Blank user IDs and UACC levels
WebSphere MQ security management
User ID reverification
User ID timeouts
Refreshing queue manager security
Refreshing SSL security
Displaying security status
Security installation tasks
Setting up WebSphere MQ data set security
RACF authorization of started-task procedures
Authorizing access to data sets
Setting up WebSphere MQ resource security
Configuring your system to use the Secure Sockets Layer (SSL)
Auditing considerations
Auditing RESLEVEL
Statistics
Customizing security
Security problem determination
Violation messages
What to do if access is allowed or disallowed incorrectly
Security considerations for distributed queuing
The channel initiator
Cluster support
Security considerations for using WebSphere MQ with CICS
Controlling the security of CICS transactions supplied by WebSphere MQ
CICS adapter user IDs
User ID checking for WebSphere MQ resources during PLTPI and PLTSD
Terminal user IDs
Automating starting of CKTI
Propagating the CKTI user ID to other CICS transactions
Security considerations for the CICS bridge
Authority
Security considerations for using WebSphere MQ with IMS
Using the OPERCMDS class
Security considerations for the IMS bridge
Connecting to IMS
Application access control
Security checking on IMS
Security checking done by the bridge
Using RACF passtickets in the IMS header
Example security scenarios
The two queue managers scenario
Security switch settings
WebSphere MQ object definitions
Queue manager QM1
Queue manager QM2
User IDs used in scenario
Security profiles and accesses required
Security profiles required for a batch application
Security profiles required for a CICS application
The queue-sharing group scenario
Security switch settings
WebSphere MQ object definitions
Queue manager QM1
Queue manager QM2
User IDs used in scenario
Security profiles and accesses required
Security profiles required for a batch application
WebSphere MQ security implementation checklist
Notices
|
Downloads
|
Library
|
Support
|
Feedback
csq83hz