IBM MQ Console: Working with channel authentication records

You can use the IBM® MQ Console to add and delete channel authentication records on a queue manager. You can also view and set the properties for channel authentication records.

About this task

To exercise more precise control over the access that is granted to connecting systems at a channel level, you can use channel authentication records.

To enforce security, you can use blocking channel authentication records to block access to your channels. You can also use address map channel authentication records to allow access to specified users. To learn more about channel authentication records, see Channel authentication records in the IBM MQ product documentation.

Procedure

  • To view the channel authentication information for a queue manager:
    1. Ensure that the queue manager is running, and select it in the queue manager list.
    2. Select View configuration from the menu Shows the menu icon.
    3. Ensure the Security tab is selected.
    4. Select Channel authentication from the navigation panel.
  • To add a channel authentication record:
    1. Click the create button shows the create button in the channel authentication information list view.
    2. Choose the rule type that you want to use. Select one Allow, Block, or Warn.
    3. Choose the type of identity that you are configuring a channel authentication rule for. Different identity types are available, depending on the rule type you selected.
    4. Provide the required information for the identity you are specifying. By default the minimum recommended properties are displayed for you to provide values for. You can view all of the available properties by selecting Show all available options.
    5. Click the create button shows the create button to create the channel authentication record.
    For more information about the available settings for channel authentication records, see Channel authentication records and SET CHLAUTH
  • To delete a channel authentication record:
    1. Click the spanner icon shows the spanner icon next to the channel authentication record that you want to delete.
    2. In the Edit channel authentication view, click Delete channel authentication object.
    3. Confirm that you want to delete the channel authentication record by clicking Delete. The channel authentication record is deleted.
  • To view and edit the properties of a channel authentication record:
    1. Click the spanner icon shows the spanner icon next to the channel authentication record that you want to edit or view. The properties are displayed.
    2. Click the Edit button shows the edit icon
    3. Edit the properties as required. If the property text box is disabled, the property is read-only, or can be edited only from the command line.
    4. Click Save to save your changes.