// the find
queuemetrix/mqgatekeeper
IBM MQ LDAP and Active Directory Authentication Exit
A C-language IBM MQ channel security exit that authenticates connecting clients against LDAP or Active Directory instead of relying on OS-level auth. Fills a real gap for shops running legacy WebSphere MQ that need SSO integration without upgrading to IBM MQ 9.x's built-in LDAP support. Two stars, no forks, last touched 2023.
LDAP failover to an alternate server is a practical necessity in enterprise environments and it's there. IP filtering with BlockIP2-compatible rules is a useful add-on. Supporting both one-way and two-way SSL on the client channel is correct — plain-text password over MQ is a common misconfiguration. Prebuilt binaries for AIX and Solaris cover the platforms where old WebSphere MQ deployments actually run.
Source is distributed as binaries with C source alongside — no build CI, no test suite, no way to verify the binary matches the source you're reading. The Makefile targets only AIX and Solaris; Linux x86_64 is absent despite being where most people would actually want this. No CVE history or security disclosure process documented, which matters for a credential-handling exit loaded into a queue manager process. Abandoned since 2023 with IBM MQ evolving; compatibility with MQ 9.3+ is unverified.