IBM MQ security configuration for the IBM MQ Bridge to blockchain
Considerations for setting up IBM MQ security with the IBM MQ Bridge to blockchain.
The following examples show RACF definitions that can be used to give the IBM MQ Bridge to blockchain access to the queues that it needs. The definitions assume that the bridge is running under the MQBCBUSR user ID.
In addition, the IBM MQ Bridge to blockchain needs to be given access to connect to the queue manager, either:- Directly using bindings mode; see Connection security profiles for batch connections, or
- Use a client mode through the CHINIT; see Client MQI requests
Authorization for IBM MQ Bridge to blockchain request queue
Issue the following RACF commands to grant the MQBCBUSR user ID access to receive messages from the default SYSTEM.BLOCKCHAIN.INPUT.QUEUE request queue:RDEFINE MQQUEUE SYSTEM.BLOCKCHAIN.INPUT.QUEUE UACC(NONE) PERMIT SYSTEM.BLOCKCHAIN.INPUT.QUEUE CLASS(MQQUEUE) ID(MQBCBUSR) ACCESS(UPDATE)
Authorization for IBM MQ Bridge to blockchain response queue
Issue the following RACF commands to grant the MQBCBUSR user ID access to send messages to the APPL1.BLOCKCHAIN.REPLY.QUEUE. This queue name is specified on the reply to queue name on the request message:RDEFINE MQQUEUE APPL1.BLOCKCHAIN.REPLY.QUEUE UACC(NONE) PERMIT APPL1.BLOCKCHAIN.REPLY.QUEUE CLASS(MQQUEUE) ID(MQBCBUSR) ACCESS(UPDATE) PERMIT CONTEXT.APPL1.BLOCKCHAIN.REPLY.QUEUE CLASS(MQADMIN) ID(MQBCBUSR) ACCESS(UPDATE)Parent topic: Configure IBM MQ Advanced for z/OS VUE for use with blockchain
Related tasks
Related information