Channel authentication record properties
We can set properties for channel authentication record objects.
The following tables list the properties that we can set:
For each property, there is a brief description of when you might need to configure it. The tables also give the equivalent MQSC parameter for the SET CHLAUTH and DISPLAY CHLAUTH commands. For more information about MQSC commands, see Administration using MQSC commands.
General page
The following table lists the properties that we can set on the General page of the Channel Authentication Records properties dialog.
Property Meaning MQSC parameter Channel profile Channel profile name. See SET CHLAUTH. PROFILE Type Can be Address Map, Block Address List, Block User List, Queue Manager Map, SSL Peer Map or User Map. See SET CHLAUTH. TYPE Description Type a meaningful description of the purpose of the channel authentication record. See Entering strings in MQ Explorer. DESCR
Address page
The following table lists the properties that we can set on the Address page of the Channel Authentication Records properties dialog.
Note:This parameter is valid with the property TYPE(ADDRESSMAP), TYPE(QMGRMAP), TYPE(SSLPEERMAP) and TYPE(USERMAP).
Property Meaning MQSC parameter Address Specifies the filter to be used to compare with the IP address of the partner queue manager or client at the other end of the channel. For SET command this parameter is mandatory with TYPE(ADDRESSMAP). See SET CHLAUTH. ADDRESS
Block address page
The following table lists the properties that we can set on the Block address page of the Channel Authentication Records properties dialog.
Note:This parameter is only valid with the property TYPE(BLOCKADDR).
Property Meaning MQSC parameter Address list A list of IP address patterns which are blocked from connecting to this queue manager using any channel. See SET CHLAUTH. ADDRLIST
Block user page
The following table lists the properties that we can set on the Block user page of the Channel Authentication Records properties dialog.
Note:This parameter is only valid with the property TYPE(BLOCKUSER).
Property Meaning MQSC parameter User list A list of user IDs that are blocked from use of this channel or set of channels. See SET CHLAUTH. USERLIST
Queue manager page
The following table lists the properties that we can set on the Queue manager page of the Channel Authentication Records properties dialog.
Note:This parameter is only valid with the property TYPE(QMGRMAP).
Property Meaning MQSC parameter Remote queue manager Specifies the remote partner queue manager name pattern. See SET CHLAUTH. QMNAME
SSL peer page
The following table lists the properties that we can set on the SSL peer page of the Channel Authentication Records properties dialog.
Note:This parameter is only valid with the property TYPE(SSLPEERMAP).
Property Meaning MQSC parameter Peer name The value of the Distinguished Name on the certificate from the peer queue manager or client at the other end of the IBM MQ channel. When the channel starts, the value of this property is compared with the Distinguished Name of the certificate. See SET CHLAUTH. SSLPEER SSL/TLS issuer's Distinguished Name If this optional parameter is specified, it only allows connections from partner queue managers for which the certificate was issued by a Certificate Authority with a matching Distinguished Name. See SET CHLAUTH. SSLCERTI
Client user page
The following table lists the properties that we can set on the Client user page of the Channel Authentication Records properties dialog.
Note:This parameter is only valid with the property TYPE(USERMAP).
Property Meaning MQSC parameter Client user ID Specifies the client asserted user ID. See SET CHLAUTH. CLNTUSER
Extended page
The following table lists the properties that we can set on the Extended page of the Channel Authentication Records properties dialog. See SET CHLAUTH.
Property Meaning MQSC parameter User source Source of the user ID to be used for MCAUSER at run time. Possible values are Channel, Map and No access. USERSRC MCA user ID Message channel user ID to be used when the inbound connection matches the SSL DN, IP address, client asserted user ID or remote queue manager name supplied. This property is enabled only when User source selected is Map. MCAUSER Warning Indicates whether this record should operate in warning mode. Possible values are Yes or No. WARN Check client connection Specifies whether the connection that matches this rule and is being allowed in with USERSRC(CHANNEL) or USERSRC(MAP), must also specify a valid user ID and password. CHCKCLNT Custom This property is reserved for the configuration of new features before separate properties have been introduced. CUSTOM
Statistics page
The Statistics page of the Channel Authentication Records properties dialog displays read-only information showing when the properties of the channel authentication record were last changed. We cannot edit the values of these properties. See DISPLAY CHLAUTH.
Parent topic: Properties
Property Meaning MQSC parameter Alteration date Read-only. This is the date on which the authentication information object properties were last altered. ALTDATE Alteration time Read-only. This is the time at which the authentication information object properties were last altered. ALTTIME
Related reference
Related information