MQZ_GET_EXPLICIT_AUTHORITY - Get explicit authority

This function is provided by a MQZAS_VERSION_1 authorization service component, and is started by the queue manager to retrieve the authority that an entity has to access the specified object, including (if the entity is a principal) authorities possessed by the groups in which the principal is a member. Authorities from generic profiles are included in the returned authority set.

On UNIX, for the built-in IBM MQ object authority manager (OAM), the returned authority is that possessed only by the principal's primary group.

The function identifier for this function (for MQZEP) is MQZID_GET_EXPLICIT_AUTHORITY.


Syntax

MQZ_GET_EXPLICIT_AUTHORITY( QMgrName , EntityName , EntityType , ObjectName , ObjectType , Authority , ComponentData , Continuation , CompCode , Reason )


Parameters

    QMgrName
    Type: MQCHAR48 - input

    Queue manager name. The name of the queue manager calling the component. This name is padded with blanks to the full length of the parameter; the name is not terminated by a null character.

    The queue manager name is passed to the component for information; the authorization service interface does not require the component to use it in any defined manner.

    EntityName
    Type: MQCHAR12 - input

    Entity name. The name of the entity for which access to the object is to be retrieved. The maximum length of the string is 12 characters; if it is shorter than that it is padded to the right with blanks. The name is not terminated by a null character.

    EntityType
    Type: MQLONG - input Entity type. The type of entity specified by EntityName. It must be one of the following values:

      MQZAET_PRINCIPAL
      Principal.

      MQZAET_GROUP
      Group.

    ObjectName
    Type: MQCHAR48 - input

    Object name. The name of the object for which the entity authority is to be retrieved. The maximum length of the string is 48 characters; if it is shorter than that it is padded to the right with blanks. The name is not terminated by a null character.

    If ObjectType is MQOT_Q_MGR, this name is the same as QMgrName.

    ObjectType
    Type: MQLONG - input Object type. The type of entity specified by ObjectName. It must be one of the following values:

      MQOT_AUTH_INFO
      Authentication information.

      MQOT_CHANNEL
      Channel.

      MQOT_CLNTCONN_CHANNEL
      Client connection channel.

      MQOT_LISTENER
      Listener.

      MQOT_NAMELIST
      Namelist.

      MQOT_PROCESS
      Process definition.

      MQOT_Q
      Queue.

      MQOT_Q_MGR
      Queue manager.

      MQOT_SERVICE
      Service.

      MQOT_TOPIC
      Topic.

    Authority
    Type: MQLONG - input

    Authority of entity. If the entity has one authority, this field is equal to the appropriate authorization operation (MQZAO_* constant). If it has more than one authority, this field is the bitwise OR of the corresponding MQZAO_* constants.

    ComponentData
    Type: MQBYTE x ComponentDataLength - input/output

    Component data. This data is kept by the queue manager on behalf of this particular component; any changes made to it by any of the functions provided by this component are preserved, and presented the next time one of these component functions is called.

    The length of this data area is passed by the queue manager in the ComponentDataLength parameter of the MQZ_INIT_AUTHORITY call.

    Continuation
    Type: MQLONG - output Continuation indicator set by component. The following values can be specified:

      MQZCI_DEFAULT
      Continuation dependent on queue manager.

      For MQZ_GET_AUTHORITY, this has the same effect as MQZCI_CONTINUE.

      MQZCI_CONTINUE
      Continue with next component.

      MQZCI_STOP
      Do not continue with next component.

    CompCode
    Type: MQLONG - output Completion code. It must be one of the following values:

      MQCC_OK
      Successful completion.

      MQCC_FAILED
      Call failed.

    Reason
    Type: MQLONG - output

    Reason code qualifying CompCode.

    If CompCode is MQCC_OK:

      MQRC_NONE
      (0, X'000') No reason to report.

    If CompCode is MQCC_FAILED:

      MQRC_NOT_AUTHORIZED
      (2035, X'7F3') Not authorized for access.

      MQRC_SERVICE_ERROR
      (2289, X'8F1') Unexpected error occurred accessing service.

      MQRC_SERVICE_NOT_AVAILABLE
      (2285, X'8ED') Underlying service not available.

      MQRC_UNKNOWN_ENTITY
      (2292, X'8F4') Entity unknown to service.

    For more information about these reason codes, see API reason codes.


C invocation

MQZ_GET_EXPLICIT_AUTHORITY (QMgrName, EntityName, EntityType,
                           ObjectName, ObjectType, &Authority,
                           ComponentData, &Continuation,
                           &CompCode, &Reason);
The parameters passed to the service are declared as follows:
MQCHAR48  QMgrName;          /* Queue manager name */
MQCHAR12  EntityName;        /* Entity name */
MQLONG    EntityType;        /* Entity type */
MQCHAR48  ObjectName;        /* Object name */
MQLONG    ObjectType;        /* Object type */
MQLONG    Authority;         /* Authority of entity */
MQBYTE    ComponentData[n];  /* Component data */
MQLONG    Continuation;      /* Continuation indicator set by
                                component */
MQLONG    CompCode;          /* Completion code */
MQLONG    Reason;            /* Reason code qualifying CompCode */
Parent topic: Installable services interface reference information