Websphere MQ OAM

The Object Authority Manager (OAM)

This is automatically installed and enabled for each queue manager you create, unless you specify otherwise. All actions performed by an application connected to a queue manager are authenticated by the queue manager through a component called the OAM. Every time an application attempts any action against a WebSphere MQ object, the OAM ensures that the identity under which that application is connected to the QM has been set to allow the type of access it is requesting on the object. The QM interrogates the operating environment to discover the user ID associated with the application; it relies on the security features of the underlying operating system, using operating system user and group IDs.

Benefit/risk: The OAM is very easy to maintain because it is default MQ functionality and ties in with the local OS security system. However, this option does not provide direct flexibility to extend authentication and authorization in our own way, and it is not fully secure, because anyone who knows the credentials of the QM and OS user can easily access the queue(s).

-bash-4.1$ dmpmqaut ?
Usage: dmpmqaut [-m QMgrName] [-n Profile | -l] [-t ObjType] [-p Principal | -g Group] [-s ServiceComponent] [-e | -x]

To display the authorizations of users (e.g. shows how many users/groups can access that particular MQ object)
=====================================
dmpmqaut -m B -t queue -n B.LQ
dmpmqaut -m B -t qmgr

To display the authorizations of MQ objects (e.g. shows how many MQ object commands a particular user or group can execute)
====================================
dspmqaut -m B -t queue -n B.LQ -g mqm

To set authorizations for MQ objects:
====================================
setmqaut -m B -t qmgr -p ramesh +connect +inq
setmqaut -m B -t queue -n B.LQ -p ramesh +allmqi
setmqaut -m B -t queue -n B.LQ -p ramesh +put

To display authorizations:
========================
dspmqaut -m B -t queue -n B.LQ -p ramesh
Entity ramesh has the following authorizations for object B.LQ:
        put
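A read-only audit of the grants that dmpmqaut lists, added here as an example that is not part of the original transcript: it reports every entity other than mqm whose authorities go beyond an allow-list, such as a leftover +allmqi. The record layout, the default allow-list and the function names audit_oam and sample_dump are assumptions, and the sample dump is constructed.

```shell
# Report each non-mqm entity holding authorities outside an allow-list.
# Assumed input: dmpmqaut-style "key: value" records split by dashed lines.
audit_oam() {
    awk -v allowed="${1:-connect inq put get browse}" '
    function emit(   i, n, list, extra) {
        if (entity != "" && entity != "mqm") {
            gsub(/,/, " ", authority)
            n = split(authority, list, " ")
            for (i = 1; i <= n; i++)
                if (!(list[i] in ok)) extra = extra (extra == "" ? "" : ",") list[i]
            if (extra != "") printf "EXCESS %s %s on %s %s: %s\n", etype, entity, otype, profile, extra
        }
        profile = otype = entity = etype = authority = ""
    }
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^- -/ { emit(); next }
    {
        key = val = $0; sub(/:.*/, "", key); sub(/^[^:]*:[ \t]*/, "", val); sub(/[ \t\r]+$/, "", val)
        if (key == "profile") { if (entity != "") emit(); profile = val }
        else if (key == "object type") otype = val
        else if (key == "entity") entity = val
        else if (key == "entity type" || key == "type") etype = val
        else if (key == "authority") authority = val
    }
    END { emit() }'
}
# Constructed sample dump (not captured from a real queue manager).
sample_dump() {
    cat <<'EOF'
profile:     self
object type: qmgr
entity:      ramesh
entity type: principal
authority:   connect inq
- - - - - - - -
profile:     B.LQ
object type: queue
entity:      ramesh
entity type: principal
authority:   allmqi
- - - - - - - -
profile:     B.LQ
object type: queue
entity:      mqm
entity type: group
authority:   allmqi dlt chg dsp clr
EOF
}
sample_dump | audit_oam
```

On a live queue manager the input would come from `dmpmqaut -m B` instead of `sample_dump`, and the allow-list can be passed as the first argument.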