See information about the latest product version
Using WebSphere MQ trusted applications
Configure a broker to run as a WebSphere® MQ trusted application.
Before you start:
- Ensure that your user ID is a member of the mqm group. On UNIX and Linux, specify the user ID mqm as the service user ID when you create the broker. On Windows, use any service user ID that is a member of mqm. Refer to Security requirements for administrative tasks.
- Review the restrictions that WebSphere MQ places on trusted applications that apply to your environment. See the section "Connection to a queue manager using the MQCONNX call" in the Application Programming Guide section of the WebSphere MQ Version 7 Information Center online.
You can configure a broker to run as a trusted (fastpath) application on all supported platforms except z/OS®, where the option is not applicable. If the broker is configured as a trusted application, it runs in the same process as the WebSphere MQ queue manager agent, and all broker processes benefit from an improvement in the overall system performance.
A broker does not run as a trusted application by default; you either create a trusted application by using the mqsicreatebroker command, or modify an existing broker by using the mqsichangebroker command.
Configuring a broker as a trusted application does not affect the operation of WebSphere MQ channel agents or listeners. For more information about running these as trusted applications, see the section "Running channels and listeners as trusted applications" in the Intercommunication section of the WebSphere MQ Version 7 Information Center online.
Take care when deploying user-defined nodes or parsers. Because a trusted application (the broker) runs in the same operating system process as the queue manager, a user-defined node or parser might compromise the integrity of the queue manager. Consider fully the restrictions that apply to your environment and test user-defined nodes and parsers in a non-trusted environment before deploying them in a trusted broker.
You can either configure a broker to run as a trusted application when you create it, or modify an existing broker.