User IDs for security checking on z/OS

IBM MQ initiates security checks based on user IDs associated with users, terminals, applications, and other resources. This collection of topics lists which user IDs are used for each type of security check.

• User IDs for connection security
  The user ID used for connection security depends on the type of connection.
• User IDs for command and command resource security
  The user ID used for command security or command resource security depends on where the command is issued from.
• User IDs for resource security (MQOPEN, MQSUB, and MQPUT1)
  This information shows the contents of the user IDs for normal and alternate user IDs for each type of connection. The number of checks is defined by the RESLEVEL profile. The user ID checked is that used for MQOPEN, MQSUB, or MQPUT1 calls.
• Blank user IDs and UACC levels
  If a blank user ID occurs, a RACF undefined user is signed on. Do not grant wide-ranging access to the undefined user.

Parent topic: Set up security on z/OS