Home » z/OS Products for IBM MQ » MQ Authenticate User Security Exit for z/OS Overview

Overview Trial Manuals Customers Lifecycle Buy Now!

MQ Authenticate User Security Exit for z/OS Overview

MQAUSX for z/OS logoThe MQ Authenticate User Security Exit for z/OS v3.5.0 (z/MQAUSX) is a solution that allows a company to fully authenticate a user who is accessing an IBM MQ resource. It authenticates the user's UserID and Password against the server's native z/OS system or File Based Authentication.

The security exit will operate with IBM MQ v7.1, v8.0, v9.0, v9.1, v9.2, v9.3 and v9.4 in z/OS v1.4 or higher environments. It works with Server Connection, Client Connection, Sender, Receiver, Server, Requester, Cluster-Sender and Cluster-Receiver channels of IBM MQ queue manager.

The MQ Authenticate User Security Exit for z/OS solution is comprised of 2 components: client-side security exit and server-side security exit.

    z/MQAUSX is 4 products in 1:
  1. If the client application is configured with the client-side security exit then the user credentials are encrypted and sent to the remote queue manager. This is the best level of security.
  2. If the client application is not configured with the client-side security exit and both the client-side AND server-side are at MQ V8 then MQ V8 will encrypt the user credentials as they flow from the client application to the queue manager.
  3. If the client application is not configured with the client-side security exit then the user credentials are sent in plain text to the remote queue manager. This feature is available for Java/JMS, Java and C# DotNet client applications. For native applications (i.e. C/C++), then the application must use and populate the MQCSP structure with the UserID and Password.
  4. If the MQAdmin sets the z/MQAUSX IniFile parameter NoAuth to Y then it functions just like z/MQSSX. z/MQSSX does not authenticate. It filters the incoming connection based on UserID, IP address and/or SSL DN.

Client-Side Security Exit Summary

Server-Side Security Exit Summary

Pricing

Product Price (USD) * Ordering
MQ Authenticate User Security Exit for z/OS (per license**) $3990.00  
Yearly maintenance and support fee 15%  
Total $4590.00

* Volume discounts available for as low as $2990.00 USD per license plus 15% yearly maintenance and support fee.

** MQ Authenticate User Security Exit for z/OS is licensed on a per z/OS queue manager basis.

Enterprise License for MQ Authenticate User Security Exit for z/OS:
Enterprise License for MQ Authenticate User Security Exit for z/OS sells for $75,000 USD plus 15% yearly maintenance and support fee. An enterprise license will allow a company to have unlimited number of z/OS queue managers use MQ Authenticate User Security Exit for z/OS at an unlimited number of locations.