ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum IndexGeneral IBM MQ SupportCHLAUTH question

Post new topicReply to topic
CHLAUTH question View previous topic :: View next topic
Author Message
paulau
PostPosted: Wed May 02, 2018 2:12 am Post subject: CHLAUTH question Reply with quote

Newbie

Joined: 06 Feb 2017
Posts: 9

Hi,
We have 2000 desktop users that send messages with their login ID in MDMD.Useridentifier. The MQMD.Useridentifier is used to authorise the transactions on CICS.
There is no central LDAP capability. Is there a CHLAUTH feature that would allow us to authorise using a local MQ user mapped from the supplied PKI certificate?
The USERSOURCE option we have tried updates the MQMD.UserIdentifier to the same value as the mapping result. Is there an ADOPTCTX feature like the one for AUTHINFO that would let us authorise with one user wile leaving the MQMD.Useridentifier set to the desktop CLNTUSER value?

Regards
Paul
Back to top
View user's profile Send private message
Mangesh1187
PostPosted: Wed May 09, 2018 8:42 am Post subject: Reply with quote

Centurion

Joined: 23 Mar 2013
Posts: 115

Presuming:
1) All the 2000 desktop users are using the same server-con channel OR multiple channels with the fixed pattern.

2) All the 2000 desktop users want same level of authorizations on MQ objects.

3) MQ server is on UNIX/WIN/LINUX with 7.5 or greater version.
(In your query you mentioned CICS and I don't know how chlauth works in CICS MQ)

Requirement :
To map the several SSL cert CN name to the single user on MQ server for further authorizations.

I hope below works:

SET CHLAUTH(channel_Name_Pattern) TYPE(SSLPEERMAP) SSLPEER('CN=*') USERSRC(MAP) MCAUSER('userName') ACTION(ADD)
Back to top
View user's profile Send private message
Display posts from previous:
Post new topicReply to topic Page 1 of 1

MQSeries.net Forum IndexGeneral IBM MQ SupportCHLAUTH question
Jump to:



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP


Theme by Dustin Baccetti
Powered by phpBB 2001, 2002 phpBB Group

Copyright MQSeries.net. All rights reserved.