PUT authority (PUTAUT)
This attribute specifies the type of security processing to be carried out by the MCA.
- Receiver
- Requester
- Server connection ( z/OS® only)
- Cluster receiver
- An MQPUT command to the destination queue (for message channels), or
- An MQI call (for MQI channels).
- Process security, also called default authority (DEF)
- The default user ID is used.
On platforms other than z/OS, the user ID used to check open authority on the queue is that of the process or user running the MCA at the receiving end of the message channel.
On z/OS, both the user ID received from the network, and the user ID derived from MCAUSER might be used, depending on the number of user IDs that are to be checked.
The queues are opened with this user ID and the open option MQOO_SET_ALL_CONTEXT.
- Context security (CTX)
- The user ID from the context information associated with the message is used as an alternate
user ID.
The
UserIdentifier
in the message descriptor is moved into theAlternateUserId
field in the object descriptor. The queue is opened with the open options MQOO_SET_ALL_CONTEXT and MQOO_ALTERNATE_USER_AUTHORITY.On platforms other than z/OS, the user ID used to check open authority on the queue for MQOO_SET_ALL_CONTEXT and MQOO_ALTERNATE_USER_AUTHORITY is that of the process or user running the MCA at the receiving end of the message channel. The user ID used to check open authority on the queue for MQOO_OUTPUT is the
UserIdentifier
in the message descriptor.On z/OS, the user ID received from the network or that derived from MCAUSER might be used, as well as the user ID from the context information in the message descriptor, depending on the number of user IDs that are to be checked.
Context security (CTX) is not supported on server-connection channels.
- Only Message Channel Agent security (ONLYMCA)
- The user ID derived from MCAUSER is used.
Queues are opened with the open option MQOO_SET_ALL_CONTEXT.
This value only applies to z/OS.
- Alternate Message Channel Agent security (ALTMCA)
- The user ID from the context information (the
UserIdentifier
field) in the message descriptor might be used, as well as the user ID derived from MCAUSER, depending on the number of user IDs that are to be checked.This value only applies to z/OS.
Further details about context fields and open options can be found in Controlling context information.
- Security
- Setting up security on Windows, UNIX and Linux® systems for IBM MQ UNIX systems and Windows systems,
- Setting up security on IBM i for IBM MQ for IBM i
- Setting up security on z/OS for IBM MQ for z/OS