Security for remote messaging
This section deals with remote messaging aspects of security.
We must provide users with authority to use the IBM MQ facilities. This is organized according to actions to be taken with respect to objects and definitions. For example:
- Queue managers can be started and stopped by authorized users
- Applications must connect to the queue manager and have authority to use queues
- Message channels must be created and controlled by authorized users
- Objects are kept in libraries and access to these libraries can be restricted
The message channel agent at a remote site must check that the message being delivered originated from a user with authority to do so at this remote site. In addition, as MCAs can be started remotely, it might be necessary to verify that the remote processes trying to start your MCAs are authorized to do so. There are four possible ways for you to deal with this:
- Make appropriate use of the PutAuthority attribute of your RCVR, RQSTR, or CLUSRCVR channel definition to control which user ID is used for authorization checks at the time incoming messages are put to your queues. See the DEFINE CHANNEL command description in the MQSC Command Reference.
- Implement channel authentication records to reject unwanted connection attempts, or to set an MCAUSER value based on the following: the remote IP address, the remote user ID, the TLS Subject Distinguished Name (DN) provided, or the remote queue manager name.
- Implement user exit security checking to ensure that the corresponding message channel is authorized. The security of the installation hosting the corresponding channel ensures that all users are properly authorized, so that we do not need to check individual messages.
- Implement user exit message processing to ensure that individual messages are vetted for authorization.
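As an added example that is not taken from the IBM documentation, the MQSC below shows a receiver channel definition together with channel authentication records that apply the first two points above: the channel uses a fixed MCAUSER for put authority, a catch-all rule refuses every address, and more specific rules admit only a known TLS Subject DN or remote queue manager name from an expected address range. The channel name, queue manager name, address range, DN and user ID are assumed values.

```mqsc
* Receiver channel: PUTAUT(DEF) makes every incoming message be put under
* the MCAUSER below, instead of the user ID carried in each message's MQMD.
* PUTAUT(CTX) would use the message's UserIdentifier field; choose CTX only
* when the sending installation is trusted to set that field correctly.
DEFINE CHANNEL('TO.QM1') CHLTYPE(RCVR) TRPTYPE(TCP) +
       MCAUSER('mqrecv') PUTAUT(DEF) SSLCIPH(ANY_TLS12_OR_HIGHER) +
       SSLCAUTH(REQUIRED) REPLACE

* Channel authentication records must be switched on at the queue manager.
ALTER QMGR CHLAUTH(ENABLED)

* Back-stop: reject any connection to this channel unless a more specific
* mapping rule below matches (address rules are evaluated after DN,
* user and queue manager mappings).
SET CHLAUTH('TO.QM1') TYPE(ADDRESSMAP) ADDRESS('*') +
    USERSRC(NOACCESS) ACTION(REPLACE)

* Admit the partner only if it presents the expected TLS Subject DN
* from the expected subnet, and run it as the restricted 'mqrecv' ID.
SET CHLAUTH('TO.QM1') TYPE(SSLPEERMAP) SSLPEER('CN=qm2,O=Example') +
    ADDRESS('10.0.1.*') USERSRC(MAP) MCAUSER('mqrecv') ACTION(REPLACE)

* Alternative keyed on the remote queue manager name (use one or both).
SET CHLAUTH('TO.QM1') TYPE(QMGRMAP) QMNAME('QM2') +
    ADDRESS('10.0.1.*') USERSRC(MAP) MCAUSER('mqrecv') ACTION(REPLACE)

* Never let an incoming channel run as an MQ administrator; BLOCKUSER
* is applied after mapping, so it catches a mapped or asserted admin ID.
SET CHLAUTH('TO.QM1') TYPE(BLOCKUSER) USERLIST('*MQADMIN') ACTION(REPLACE)

* Review the resulting rules for the channel.
DISPLAY CHLAUTH('TO.QM1') ALL
```

The 'mqrecv' ID still needs explicit put authority on the target queues (for example via setmqaut), since the channel authentication record only decides which ID is used, not what that ID may do.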
- Security of IBM MQ for IBM i objects
  This section deals with remote messaging aspects of security.
- Security of objects on UNIX and Linux
  Administration users must be part of the mqm group on the system (including root) if this ID is going to use IBM MQ administration commands.
- Security of objects on Windows systems
  Administration users must be part of both the mqm group and the administrators group on Windows systems if this ID is going to use IBM MQ administration commands.
- User IDs across systems
  Platforms other than Windows, UNIX and Linux systems use uppercase characters for user IDs in messages. To allow Windows, UNIX and Linux systems to use lowercase user IDs in messages, the message channel agent (MCA) must carry out the appropriate conversions of alphabetic characters.