I have a question regarding security for MQSeries V5.2 on Windows NT that I think may apply to other platforms as well.
When MQSeries initiates a process in response to a trigger event, that process runs under a certain userid (e.g., MUSER_MQADMIN under NT). The problem is, every triggered executable will run under the same id. This makes it difficult to grant put/get permissions on queues, as there is no way to distinguish the executables that will be doing the getting/putting. I want to allow some executables to PUT to queue A, and others to PUT to queue B, etc, but I don't see how. IBM sent me a utility - INTLAUNCH - that can be configured with DCOMCNFG to start applications under one further userid, but that's apparently as far as it goes. I'm wondering whether anyone has encountered a similar situation, and if there is a solution short of writing custom trigger monitors. Thanks in advance for your collective expertise! John J Dodd Deutsche Bank Trust Company Americas Corporate Trust & Agency Services Technology 100 Plaza One -- MS# JCY03 - 0605 Jersey City, NJ 07311 Phone: 201-593-6652 Cell: 917-647-1340 Pager: 800-225-0256/pin#9178026157 -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive
