+

Search Tips | Advanced Search

Command resource security checking for alias queues and remote queues

Alias queue and remote queues both provide indirection to another queue. Additional points apply when you consider security checking for these queues.


Alias queues

When you define an alias queue, command resource security checks are only performed against the name of the alias queue, not against the name of the target queue to which the alias resolves.

Alias queues can resolve to both local and remote queues. If we do not want to permit users access to certain local or remote queues, we must do both of the following:
  1. Do not allow the users access to these local and remote queues.
  2. Restrict the users from being able to define aliases for these queues. That is, prevent them from being able to issue DEFINE QALIAS and ALTER QALIAS commands.


Remote queues

When you define a remote queue, command resource security checks are performed only against the name of the remote queue. No checks are performed against the names of the queues specified in the RNAME or XMITQ attributes in the remote queue object definition.

Parent topic: Profiles for command resource security

Last updated: 2020-10-04