Configuring resource security on z/OS queue managers
For z/OS® queue managers, you can activate or deactivate security for the whole queue manager (the subsystem). If security is active at the subsystem level, you can configure the security of the queue manager's resources, and, if the queue manager belongs to a queue-sharing group, you can configure security for the whole of the queue-sharing group.
About this task
If subsystem security is active, when a user accesses an IBM® MQ resource, the queue manager signs the user on to the queue manager. If the user does not access any IBM MQ resources on the queue manager for a predetermined period of time, the user's user ID is "timed out" and is signed out.
In IBM MQ Explorer, you can perform the following tasks:
For more information, see Securing in the IBM MQ online product documentation.
Viewing the queue manager's security settings
There can be none, one, or more security switches present that determine the security of the queue manager. The switches can be set on or set off, and the setting of the switches is determined by the presence or absence of switch profiles. In IBM MQ Explorer, you can view but not configure the setting of the security switches.
Before you begin
About this task
Procedure
Results
Configuring the timeout period of user IDs
If a user is authenticated to access a resource on the queue manager but then doesn't access any of the queue manager's resources for a predetermined length of time, the user's user ID is timed out. IBM MQ can make regular checks to determine whether a user ID has timed out. In IBM MQ Explorer, you can configure the length of the timeout period, and the frequency of checks to determine whether the timeout period has expired.
Before you begin
About this task
Procedure
Results
The changes are shown in the table in the Security dialog.