Security for retrieving callout requests

With the security feature that is provided by the IMS™ OTMA resume tpipe, you can protect callout messages from unauthorized use, with either RACF®, the OTMA resume tpipe security exit routine (DFSYRTUX), or both.

IMS callout requests are retrieved from IMS Connect by using the RESUME TPIPE call. When security is enabled, the user ID issuing the RESUME TPIPE call must be authorized to access the tpipe name that is contained in the RESUME TPIPE call message before any messages are sent to an OTMA client. If security is enabled and the tpipe does not exist at the time the RESUME TPIPE call is issued, the call is rejected.

For message-driven beans (MDBs), Secure Sockets Layer (SSL) authentication is supported for communication with IMS. Security information is specified in the J2C activation specification (IMSActivationSpec) that is configured in WebSphere® Application Server.

For non-MDB applications, you can optionally specify a user ID in your Java™ application if you have configured your IMS security so that only authorized users can retrieve the callout request message from the hold queue. This user ID must be specified in the connection specification in your application or the connection factory that is used by your application.