gtpi1m5b | System Installation Support Reference |
The TPF MQSeries channel security user exit (rriCALL_SCYEXIT in
segment CUIT), provides security protection for data that the TPF MQSeries
transfers. This ensures that the resources that the TPF MQSeries queue
manager owns and manages are protected from unauthorized access.
rriCALL_SCYEXIT provides support for both sender and receiver
channels. Channel security exits at both ends of the channel are given
the opportunity to send security messages and to reject or terminate a
connection.
rriCALL_SCYEXIT is called:
- After a channel is connected but before sending any messages.
- When a security message is received.
- When a channel connection is ended.
Input
- pExitParms
- A pointer to the MQCXP data structure in
c$cmqxc.h that contains the channel exit parameters
(ExitID and ExitReason).
- pChannelDef
- A pointer to the MQCD data structure in c$cmqxc.h
that contains the channel definition parameters.
- DataLength
- A received message indicator. If DataLength contains a nonzero
number, a security message has been received.
- pAgentBufferLength
- The length of a received security message.
- AgentBuffer
- A pointer to a received security message
Programming Considerations
- Compile (with the C++ compiler) and link-edit CUIT into the MQSeries
dynamic link library (DLL) called CMQU (build script called CMQUBS).
- A channel must first be defined using the ZMQSC DEF CHL command with the
SCYEXIT-YES and SCYDATA parameters. If a channel is defined with the
SCYEXIT-NO parameter, CUIT will not be called.
- If a security message needs to be sent, do the following:
- Create a security message in a user-defined malloc area.
- Specify the buffer address of the user-defined malloc area in the
ExitBuffer output parameter.
- Specify the length of the security message in the ExitBufferLength output
parameter.
Return Values
Set one of the following exit response codes in the ExitResponse field in
the MQCXP structure in c$cmqxc.h:
- MQXCC_OK
- Indicates that the security check is successful.
- MQXCC_SEND_SEC_MSG
- Send a user-defined security message in response to a request from the
other end.
- MQXCC_SEND_AND_REQUEST_SEC_MSG
- Send a user-defined security message with a request to respond.
- MQXCC_SUPPRESS_FUNCTION
- Close the channel.
- MQXCC_CLOSE_CHANNEL
- Close the channel.
- Note:
- Any other value passed in the ExitResponse field will cause the channel to be
closed.