Authorization

The authorization rules for queues are explained in Table 1. Each cell in the table indicates the processes that may perform the given operation at the given level.

Table 1. Queue Authorization Rules
  Create Delete Open, Write, Close All Other Operations
Process Any process The creator The creator The creator
Session Any process The creator Any process in the creator's session The creator
Network Any process The creator Any process in the creator's session, plus access from outside the session, subject to the authorization constraints imposed by the communication carrier The creator
Operations included in the open, write, close category are those typically used by a client thread. Specifically, they are:
  • QueueOpen
  • QueueSend
  • QueueSendBlock
  • QueueSendReply
  • QueueReply
  • QueueClose.

Authorization rights for a network-level queue are a function of the communication carrier used to connect sessions together. For the APPC/VM carrier, if a user ID is named in the :list. tag of the VMIPC entry in $SERVER$ NAMES, then it may access any network-level queues located in that session. This access is limited to the open, write, close set of operations.