| Author |
Message
|
| Yannanlu |
 Posted: Wed Aug 06, 2003 8:35 am Post subject: channel security again |
 |
|
Apprentice
Joined: 23 Jan 2002
Posts: 27
|
How can I have a channel (RCVR or SVRCONN) protected by a passowrd? Do I have to use channel exit?
Here is what I intent to do:
our MQ env is wild open. Anyone can use JMS to send/get messages. I am wondering if we can set password to protect the MQ objects.
Thanks in advance,
Yannan |
|
| Back to top |
|
 |
| kavithadhevi |
| Posted: Mon Aug 11, 2003 7:34 am Post subject: |
|
|
Master
Joined: 14 May 2002
Posts: 201
Location: USA
|
Why dont you try MCA userid settings on channel. That would eliminate illegal access using that channel. 
_________________
Thanks in Advance.
Kavitha
IBM Certified System Administrator
Websphere MQ v 5.3
www.zealphoenix.com |
|
| Back to top |
|
|
| mrlinux |
| Posted: Mon Aug 11, 2003 8:07 am Post subject: |
|
|
Grand Master
Joined: 14 Feb 2002
Posts: 1261
Location: Detroit,MI USA
|
Wrong by setting the MCA you are allowing anyone to connect to that channel and they will get that users authority.
Your env. should not be wide open by default, what operating system are
you using, also what is the ID in which your programs run ???
_________________
Jeff
IBM Certified Developer MQSeries
IBM Certified Specialist MQSeries
IBM Certified Solutions Expert MQSeries |
|
| Back to top |
|
|
| kavithadhevi |
| Posted: Mon Aug 11, 2003 8:58 am Post subject: |
|
|
Master
Joined: 14 May 2002
Posts: 201
Location: USA
|
I thought by leaving the MCA userid blank will set it to default and anyone can access via the channel. But by specifying the userid in MCA setting will ask for the userid authentication from the application side. Is it not true ? 
_________________
Thanks in Advance.
Kavitha
IBM Certified System Administrator
Websphere MQ v 5.3
www.zealphoenix.com |
|
| Back to top |
|
|
| Yannanlu |
| Posted: Mon Aug 11, 2003 9:41 am Post subject: |
|
|
Apprentice
Joined: 23 Jan 2002
Posts: 27
|
Thanks for response. By setting MCA user and setting the permissions on the objects on behalf of that user will not help. Since there is no authentication, anyone accesses to that channel will be able to have the access to all the objects under that user. I would like to limit the access by password protections.
I guess I have to use channel exit.
Thanks again,
Yannan |
|
| Back to top |
|
|
| interactivechannel |
| Posted: Tue Aug 12, 2003 4:51 am Post subject: |
|
|
Voyager
Joined: 20 May 2003
Posts: 94
Location: uk
|
|
| Back to top |
|
|
|
|
