Connection security profiles for CICS connections
Profiles for checking connections from CICS take the form:
hlq.CICSwhere
hlq can be either qmgr-name (queue manager name) or
qsg-name (queue-sharing group name). If you are using both queue manager and queue-sharing group level security, WebSphere MQ checks for a profile prefixed by the queue manager name. If it does not find one, it looks for a profile prefixed by the queue-sharing group name. If it fails to find either profile, the connection request fails
For connection requests by CICS, we need only permit the CICS address space user ID access to the connection profile.
For example, the following RACF commands allow the CICS address space user ID KCBCICS to connect to the queue manager TQM1: