ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » IBM MQ Installation/Configuration Support » MQ Series security from JMS client

Post new topic  Reply to topic
 MQ Series security from JMS client « View previous topic :: View next topic » 
Author Message
sarbajit
PostPosted: Thu May 22, 2003 4:20 am    Post subject: MQ Series security from JMS client Reply with quote

Acolyte

Joined: 22 May 2003
Posts: 53
We are using Websphere MQ 5.3 installed on WIndows 2000 Server and JMS client (running on another machine )to put the messages. But unfortunately, when we are not specifying any user ID / Password, then also we are able to put the messages to the MQ queues.

QueueConnection connect=factory.createQueueConnection();

This is becoming a security threat. We dont want to use channel security exit or SSL. Please let us know, if somehow we can restrict this, i.e, with the default userid MUSR_MQADMIN it won't be possible to connect to the Qmgr. Can we do any type of set up in the MQ level or OS level, that we can authenticate the USER ID/ PASSWORD.

Sorry to disturb you, but it will be of great help if you can help us or throw some pointers.
Back to top
View user's profile Send private message
tillywern
PostPosted: Mon Jun 16, 2003 1:29 pm    Post subject: User id and group. Reply with quote

Centurion

Joined: 28 Jan 2003
Posts: 109
Location: Colorado
If you are creating a client connection to a SVRCONN channel then the user id the process is running under should be the one that MQS uses to evaluate permissions to objects. Try running the JMS program as a different user than the MQ administrator. Creat an application user id on the server side that the application can use.

You can also forse a user id to be used at the channel level. Look at the SRVCONN channel definition and you will see where to set it... Traffic comming in through the channel shoudl be associated with the the id in the definition. You can then use the user id in the channel in conjunction with setmqaut to provide basic security.

Worth a try.
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » IBM MQ Installation/Configuration Support » MQ Series security from JMS client
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.