Mapping a client user ID to an MCAUSER user ID

We can use a channel authentication record to change the MCAUSER attribute of a server-connection channel, according to the user ID received from a client.

Before starting

Ensure that channel authentication records are enabled as follows:

ALTER QMGR CHLAUTH(ENABLED)

Note that this technique applies only to server-connection channels. It has no effect on other channel types.

Procedure

Set a channel authentication record using the MQSC command SET CHLAUTH, or the PCF command Set Channel Authentication Record . For example, we can issue the MQSC command:

SET CHLAUTH(' generic-channel-name ') TYPE (USERMAP) CLNTUSER(client-user-name) USERSRC(MAP) MCAUSER(
user)

generic-channel-name is either the name of a channel to which we want to control access, or a pattern including the asterisk (*) symbol as a wildcard that matches the channel name.
client-user-name is the user ID associated with the clients connection, the value could be asserted by the client application, altered by connection authentication using early adopt or set via a channel exit.
user is the user ID to be used instead of the client user name.

Mapping a client user ID to an MCAUSER user ID

Before starting

Procedure

Related information