Authorization on z/OS

Administration security controls users' permissions to access an integration node and its resources, and to complete administrative tasks.

On z/OS®, WebSphere® MQ uses the System Authorization Facility (SAF) to route requests for authority checks to an external security manager (ESM) such as the z/OS Security Server Resource Access Control Facility (RACF®). WebSphere MQ does no authority checks of its own. All information about integration node administration security on z/OS assumes that you are using RACF as your ESM. If you are using a different ESM, you might need to interpret the information provided for RACF in a way that is relevant to your ESM.

If you are activating security on the WebSphere MQ queue manager on z/OS for the first time, you must set up the profiles or other resources that are required by your ESM to access queues. You must also check that the queue manager is configured to access the security profiles in the correct class; MQQUEUE for uppercase queue names and MXQUEUE for mixed case queue names.

For further information about queue manager security and security profiles, see the z/OS System Administration Guide and z/OS System Setup Guide sections of the WebSphere MQ Version 7.5 product documentation online.