Blocking specific user IDs
We can prevent specific users from using a channel by specifying user IDs that, if asserted, cause the channel to end. Do this by setting a channel authentication record.
Before starting
Ensure that channel authentication records are enabled as follows:ALTER QMGR CHLAUTH(ENABLED)
Procedure
Set a channel authentication record using the MQSC command SET CHLAUTH, or the PCF command Set Channel Authentication Record. For example, we can issue the MQSC command:SET CHLAUTH(' generic-channel-name ') TYPE(BLOCKUSER) USERLIST(userID1, userID2)
- generic-channel-name is either the name of a channel to which we want to control access, or a pattern including the asterisk (*) symbol as a wildcard that matches the channel name.
- The user list provided on a TYPE(BLOCKUSER) only applies to SVRCONN channels and not queue manager to queue manager channels.
- userID1 and userID2 are each the ID of a user that is to be prevented from using the channel. We can also specify the special value *MQADMIN to refer to privileged administrative users. For more information about privileged users, see Privileged users. For more information about *MQADMIN, see SET CHLAUTH.
Related information