ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » IBM MQ Java / JMS » MQEnvironment.userID

Post new topic  Reply to topic
 MQEnvironment.userID « View previous topic :: View next topic » 
Author Message
PeterPotkay
PostPosted: Wed Jan 29, 2003 6:45 am    Post subject: MQEnvironment.userID Reply with quote

Poobah

Joined: 15 May 2001
Posts: 7722
I have C application that attempts to Client connect from my pc to QM1 on a remote server. (I set the MQSERVER variable). The app fails with a 2035 error as expected since the MCAUserIdentifier field on the SVRCONN channel is blank, and my pc's ID is not in the mqm group. If I set the MCAUserIdentifier field on the channel to a user in the mqm group, my C app connects in as expected.


I have a Java Applet that connects in Client mode from my pc to QM1 on a remote server via a ServerConn channel that has a blank MCAUserIdentifierField. If I set the MQEnvironment.userID property in the Applet to some garbage value (XXX), it fails with a 2035. That makes sense. But if I set the MQEnvironment.userID to blank, it works! If I don't set the field at all, it also works!

Why does this JAVA applet make a successful connection via the SVRCONN channel if the MCAUserIdentifier is blank, and I don't set a valid value for the UserID in the app?
_________________
Peter Potkay
Keep Calm and MQ On
Back to top
View user's profile Send private message
kingdon
PostPosted: Wed Jan 29, 2003 7:59 am    Post subject: Reply with quote

Acolyte

Joined: 14 Jan 2002
Posts: 63
Location: UK
Hello Peter,

(I've cut & pasted this from the post I sent to Vienna, since there are a couple of related posts on this forum.)

The behaviour is set out in chapter 7 of the MQ Clients manual. When no userid is supplied by the client, and the MCAUSER is blank, the userid that started the channel is used. Since this is typically an id in the mqm group, the connection succeeds. It's for this reason that the manual recommends using non-blank MCAUSER values. A lot of this is now looking rather historical - the design decisions were based on the lack of secure channels and the preference for obvious lack of security over a dangerous illusion of security. You may want to look into the new support for SSL over the channel which addresses most of these problems. The alternative is to use security exits to authenticate the supplied userid.

Cheers,
James.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » IBM MQ Java / JMS » MQEnvironment.userID
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.