| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Channel security exit checking # of connections on receiver |
« View previous topic :: View next topic » |
| Author |
Message
|
| Mr Butcher |
 Posted: Tue Aug 26, 2008 12:10 am Post subject: Channel security exit checking # of connections on receiver |
 |
|
Padawan
Joined: 23 May 2005
Posts: 1716
|
Hello,
for receiving channels i want to add code to my security exit (z/OS, Assembler) that will check for the number of connections to this receiver (and allow only 1 connection). Unfortunately, the supplied exit structures MQCD and MQCXP do not provide any kind of connection counter.
Is there any other possibility / trick / workaround to get the number of connections or to block all connections from the second connection on without the need to inquire the channel status?
yes, i know blockip2 is able to do that, but i already have my own exit in place and want to enhance this one. i do not want to use blockip2
_________________
Regards, Butcher |
|
| Back to top |
|
 |
| fjb_saper |
| Posted: Tue Aug 26, 2008 8:32 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
As I understand it the source code for blockIp2 is available. Have you looked at how Joergen does it?
Enjoy 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| Mr Butcher |
| Posted: Wed Aug 27, 2008 3:41 am Post subject: |
|
|
Padawan
Joined: 23 May 2005
Posts: 1716
|
i am not a c guru, but from what i understood he is going for the channel status
_________________
Regards, Butcher |
|
| Back to top |
|
|
| RogerLacroix |
| Posted: Wed Aug 27, 2008 8:17 pm Post subject: Re: Channel security exit checking # of connections on recei |
|
|
Jedi Knight
Joined: 15 May 2001
Posts: 3264
Location: London, ON Canada
|
| Mr Butcher wrote: |
| that will check for the number of connections to this receiver (and allow only 1 connection). |
This feature is one of many features in both MQAUSX & MQSSX security solutions.
| Mr Butcher wrote: |
| but i already have my own exit in place |
Maybe we already have your feature in MQAUSX or MQSSX. Hence, you could get everything in one package.
If not, I'm open to adding new features to either MQAUSX or MQSSX.
Regards,
Roger Lacroix
Capitalware Inc.
_________________
Capitalware: Transforming tomorrow into today.
Connected to MQ!
Twitter |
|
| Back to top |
|
|
| oz1ccg |
| Posted: Fri Aug 29, 2008 6:44 am Post subject: |
|
|
Yatiri
Joined: 10 Feb 2002
Posts: 628
Location: Denmark
|
Mr Butcher wrote:
| Quote: |
i am not a c guru, but from what i understood he is going for the channel status
|
BlockIP2 was changed long time ago to use "shared" memory to boot performance. Using the channel status was how it was done in the old slow one, it was changed back in 2005 and windows in 2006.
The channel status is kept in the BlockIP2 source for easy support for new platforms that have challanges to support shared memory like Windows.
I would use some shared storage to keep track of this, the challange is to "register" it without MODESET MODE=SUP, so it's shareable between channel invocations.
I hope this helps.
-- Lock it or lost it -- 
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT. |
|
| Back to top |
|
|
| Mr Butcher |
| Posted: Mon Sep 01, 2008 1:23 am Post subject: |
|
|
Padawan
Joined: 23 May 2005
Posts: 1716
|
as i wrote in my first post, i am on z/OS using assembler. but thanks anyway.
_________________
Regards, Butcher |
|
| Back to top |
|
|
| oz1ccg |
| Posted: Mon Sep 01, 2008 11:20 am Post subject: |
|
|
Yatiri
Joined: 10 Feb 2002
Posts: 628
Location: Denmark
|
Sorry, it was not to offend you. 
There are more ways to have shared storage, it all depends on how you can/will control it..
GETMAIN, but as far as I know to ancor it correctly you need to be in MODESET MODE=SUP/KEY0. This is quite tricky when the module is invoked unauth. Inspiration can be found in SupportPac MS13
Allocate shared storage under USS control, this requires program controlled mode like the way CSQ4BCX3 uses. (I've not tried this approach from ASM).
Use a DATASPACE, whwere the anchor point is handle using the ALETs, normally only accesseble from ASM.
Another thing to consider when working with your logic on a RCVR/RQSTR channel, by just allowing one to run: What about the ADOPT situation, where the SDR is restarted ? I don't know if the new RCVR is comming up before the old one is terminated or MQXR_INIT is presented to the exit before MQXR_TERM is presented for the old one.
-- Lock it or Lose it --
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT. |
|
| Back to top |
|
|
| Mr Butcher |
| Posted: Tue Sep 02, 2008 5:43 am Post subject: |
|
|
Padawan
Joined: 23 May 2005
Posts: 1716
|
sorry if my answer sounded rude...
i think thats way too complicated (for me). i'll go for the channel status then, its only executed at channel start tiime... i just wanted to avoid all this "display chstatus command send and read answer messages " - coding thats why i asked for an alternate solution.....
_________________
Regards, Butcher |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
