Mapping an IP address to an MCAUSER user ID

We can use a channel authentication record to set the MCAUSER attribute of a channel, according to the IP address from which the connection is received.

Before starting

Ensure that channel authentication records are enabled as follows:

ALTER QMGR CHLAUTH(ENABLED)

Procedure

Set a channel authentication record using the MQSC command SET CHLAUTH, or the PCF command Set Channel Authentication Record. For example, we can issue the MQSC command:

SET CHLAUTH(' generic-channel-name ') TYPE(ADDRESSMAP) ADDRESS(' generic-ip-address ') USERSRC(MAP) MCAUSER(user)

generic-channel-name is either the name of a channel to which we want to control access, or a pattern including the asterisk (*) symbol as a wildcard that matches the channel name.
user is the user ID to be used for all connections using the specified DN.
generic-ip-address is either the address from which the connection is being made, or a pattern including the asterisk (*) as a wildcard or the hyphen (-) to indicate a range, that matches the address.

Related information

SET CHLAUTH