Other ways of providing your own application level security
If the API exit or API-crossing exit is not supported in your system environment,
you might want to consider other ways of providing your own application level
security. One way is to develop a higher level API that encapsulates the MQI.
Programmers then use this API, instead of the MQI, to write WebSphere MQ applications.
The most common reasons for using a higher level API are:
- To hide the more advanced features of the MQI from programmers.
- To enforce standards in the use of the MQI.
- To add function to the MQI. This additional function can be security services.
Some vendor products use this technique to provide application level security
for WebSphere MQ.
If you are planning to provide security services in this way, note the
following regarding data conversion:
- If a security token, such as a digital signature, has been added to the
application data in a message, any code performing data conversion must be
aware of the presence of this token.
- A security token might have been derived from a binary image of the application
data. Therefore, any checking of the token must be done before converting
the data.
- If the application data in a message has been encrypted, it must be decrypted
before data conversion.