This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.
MainView for MQ
MainView for WebSphere MQ
MainView for WebSphere MQ: All versions
How do I set up security to give Browse only functionality to selected users of Mainview for Websphere MQ?
The following steps provide an overview on how to set up security in order to give Browse only functionality to selected users of Mainview for Websphere MQ.
Most of the required information is contained in the two MainView security manuals:
- The MainView Security Guide provides a high level / introduction to MainView security.
- The MainView Security Reference Manual provides more detailed / technical information.
MainView products use different types of security based on the infrastructure of the product (mainly based on age). For MainView for Websphere MQ, only Windows Mode Security applies.
MainView products that operate in Windows mode can display one or more windows of product data on a screen at a time. The security interface for Windows mode uses the standard SAF interface to communicate with the External Security Manager (ESM) and requires that you define resources to the ESM and grant or deny access to them.
The best starting point for this is to review each of the following sections in the MainView Security Reference Manual:
- Overview of windows-mode security
- Each MainView product that runs in windows mode has SERDEF administrative views for its resource definitions.
- A list of resources that are protected by MainView for WebSphere MQ
To restrict actions in views to a group of users such as an application support team , you would follow the above steps then grant or deny access to the actions. There is a case study / example of how to do this (using MainView for DB2) in the MainView Security Guide, Appendix A.
In addition to restricting access to the ability to perform actions in MainView for Websphere MQ views, consideration should also be given to securing access to Websphere MQ resources. Depending on how MainView for Websphere MQ has been configured, MQ commands may be issued with either the end user id or the MainView for Websphere MQ Product Address Space (PAS) user id. The user would have to pass the above windows-mode security irrespective of whether MQ commands are issued with the user id or the PAS id. Further details on how to configure this are located in the MainView for WebSphere MQ User Guide:
- Security between MainView for WebSphere MQ and MVS queue manager
- Passing user IDs to MQSeries USER vs. PAS
For further assistance, please raise an issue with BMC Software Customer Support.
- MainView Infrastructure
- MainView for WebSphere MQ