Authorization service interface

The authorization service provides the following entry points for use by the queue manager:

MQZ_INIT_AUTHORITY
Initializes authorization service component.

MQZ_TERM_AUTHORITY
Terminates authorization service component.

MQZ_CHECK_AUTHORITY
Checks whether an entity has authority to perform one or more operations on a specified object.

MQZ_SET_AUTHORITY
Sets the authority that an entity has to a specified object.

MQZ_GET_AUTHORITY
Gets the authority that an entity has to access a specified object.

MQZ_GET_EXPLICIT_AUTHORITY
Gets either the authority that a named group has to access a specified object (but without the additional authority of the nobody group) or the authority that the primary group of the named principal has to access a specified object.

MQZ_COPY_ALL_AUTHORITY
Copies all the current authorizations that exist for a referenced object to another object.

MQZ_ENUMERATE_AUTHORITY_DATA
Retrieves all the authority data that matches the selection criteria specified.

MQZ_DELETE_AUTHORITY
Deletes all authorizations associated with a specified object.

MQZ_REFRESH_CACHE
Refresh all authorizations.

In addition, on WebSphere MQ for Windows, the authorization service provides the following entry points for use by the queue manager:

These entry points support the use of the Windows Security Identifier (NT SID).

These names are defined as typedefs, in the header file cmqzc.h, which can be used to prototype the component functions.

The initialization function (MQZ_INIT_AUTHORITY) must be the main entry point for the component. The other functions are invoked through the entry point address that the initialization function has added into the component entry point vector.

See Creating your own service component for more information.

 

WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.

 

IBM is a trademark of the IBM Corporation in the United States, other countries, or both.