|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
|
|
Username specified in a server.xml is ignored (tomcat) |
« View previous topic :: View next topic » |
Author |
Message
|
fksouls |
Posted: Tue Sep 28, 2021 5:57 am Post subject: Username specified in a server.xml is ignored (tomcat) |
|
|
Newbie
Joined: 28 Sep 2021 Posts: 4
|
Hi,
first of all, I'm not sure if it's a tomcat, an application or an ibmmq issue, so sorry if I posted in the wrong place.
I have deployed mq container based on ibmcom/mq:9.1.4.0-r1 image.
Also, I have an application deployed as a tomcat-based docker container.
I specified connection factories and queues in a server.xml file:
Code: |
<Resource name="jms/MyRequestConnFactory"
auth="Container"
type="com.ibm.mq.jms.MQQueueConnectionFactory"
factory="com.ibm.mq.jms.MQQueueConnectionFactoryFactory"
username="testuser"
password="cfpass"
HOST="mq"
PORT="1418"
CHAN="MYCHANNEL"
TRAN="1"
QMGR="MYQMGR" />
<Resource name="jms/MyResponseConnFactory"
auth="Container"
type="com.ibm.mq.jms.MQQueueConnectionFactory"
factory="com.ibm.mq.jms.MQQueueConnectionFactoryFactory"
username="testuser"
password="cfpass"
HOST="mq"
PORT="1418"
CHAN="MYCHANNEL"
TRAN="1"
QMGR="MYQMGR" />
<Resource name="jms/MyRequestQueue"
auth="Container"
type="com.ibm.mq.jms.MQQueue"
factory="com.ibm.mq.jms.MQQueueFactory"
QU="A_TO_B_QUEUE" />
<Resource name="jms/MyResponseQueue"
auth="Container"
type="com.ibm.mq.jms.MQQueue"
factory="com.ibm.mq.jms.MQQueueFactory"
QU="B_TO_A_QUEUE" /> |
The problem is that tomcat is trying to connect to queue manager with a current user of a docker container (which is "tomcat"), not the user specified in a server.xml file (which is "testuser").
I have another app deployed as a wildfly-based docker container, and there is no such issue with it. It's using the exact username I specified in standalone.xml file.
If I set CHCKCLNT to NONE my app can successfully connect, but I wish to have authentication enabled.
I get the following "docker logs" output for mq container
Quote: |
2021-09-28T13:35:26.006Z AMQ5540E: Application 'catalina.startup.Bootstrap' did not supply a user ID and password
2021-09-28T13:35:36.008Z AMQ9557E: Queue Manager User ID initialization failed for 'tomcat'. |
As you can see it says "initialization failed for 'tomcat'", though the specified user is "testuser".
My mq Dockerfile:
Code: |
FROM ibmcom/mq:9.1.4.0-r1
USER root
ENV LICENSE=accept
ENV MQ_QMGR_NAME=MYQMGR
ENV MQ_APP_PASSWORD=cfpass
RUN useradd testuser -G mqclient && \
echo testuser:cfpass | chpasswd
USER mqm
COPY 20-config.mqsc /etc/mqm/ |
My 20-config.mqsc (without defining of queues and topics):
Code: |
DEFINE CHANNEL(MYCHANNEL) +
CHLTYPE(SVRCONN) +
TRPTYPE(TCP);
DEFINE LISTENER(Listener) +
TRPTYPE(TCP) +
PORT(1418) +
CONTROL(QMGR);
ALTER QMGR CONNAUTH(USE.PW)
DEFINE AUTHINFO(USE.PW) +
AUTHTYPE(IDPWOS) +
ADOPTCTX(YES) +
FAILDLAY(10) +
CHCKLOCL(OPTIONAL) +
CHCKCLNT(REQUIRED);
REFRESH SECURITY TYPE(CONNAUTH);
SET AUTHREC PROFILE(*) +
group('mqclient') +
OBJTYPE(QUEUE) +
AUTHADD(ALL);
SET CHLAUTH('MYCHANNEL') +
TYPE(USERMAP) CLNTUSER('tomcat') +
USERSRC(CHANNEL) +
ACTION(REPLACE);
SET CHLAUTH('MYCHANNEL') +
TYPE(USERMAP) CLNTUSER('testuser') +
USERSRC(CHANNEL) +
ACTION(REPLACE);
START LISTENER(Listener);
START CHANNEL(MYCHANNEL);
|
App code:
Code: |
@Bean(name = "senderConnectionFactory")
public ConnectionFactory senderConnectionFactory() {
String jndiFactoryName = StringUtils.trim(env.getProperty("jms.sender.jndiFactoryName"));
Context initContext;
try {
initContext = new InitialContext();
logger.info("Using JNDI senderFactory: {} ", jndiFactoryName);
return (ConnectionFactory) initContext.lookup(jndiFactoryName);
} catch (Exception e) {
logger.warn("Cannot lookup {} from JNDI, using env.properties: {}", jndiFactoryName, e.toString());
}
String providerForSending = env.getProperty("jms.broker");
// Based on the value of this property we load the correct implementation for QueueConnectionFactory
if ("ibmmq".equals(providerForSending)) {
MQConnectionFactory connectionFactory = new MQConnectionFactory();
try {
connectionFactory.setHostName(env.getProperty("jms.ibmmq.outgoing.hostName"));
connectionFactory.setPort(new Integer(env.getProperty("jms.ibmmq.outgoing.port")));
connectionFactory.setQueueManager(env.getProperty("jms.ibmmq.outgoing.qmName"));
connectionFactory.setChannel(env.getProperty("jms.ibmmq.outgoing.channel"));
connectionFactory.setTransportType(JMSC.MQJMS_TP_CLIENT_MQ_TCPIP);
connectionFactory.setStringProperty(WMQConstants.USERID,env.getProperty("jms.ibmmq.outgoing.user"));
connectionFactory.setStringProperty(WMQConstants.PASSWORD,env.getProperty("jms.ibmmq.outgoing.password"));
} catch(JMSException jmse){
// Best to do here is to throw the exception so that spring realizes that it is impossible to connect and manages the situation (very likely not starting the application)
throw new RuntimeException("Problems creating the queue connection factory to connect to IBM MQ: "+jmse.getMessage());
}
return connectionFactory;
} else {
// default behavior
ActiveMQConnectionFactory connectionFactory = new ActiveMQConnectionFactory();
connectionFactory.setBrokerURL(env.getProperty("jms.activemq.broker.outgoing.url"));
return connectionFactory;
}
}
@Bean("jmsTemplateForSender")
public JmsTemplate jmsTemplateForSender() {
ConnectionFactory connFactory = senderConnectionFactory();
String jndiQueueName = StringUtils.trim(env.getProperty("jms.sender.jndiQueueName"));
try {
JmsTemplate template = new JmsTemplate();
template.setConnectionFactory(connFactory);
Context initContext = new InitialContext();
template.setDefaultDestination((Destination) initContext.lookup(jndiQueueName));
logger.info("Using JNDI senderQueue: {} ", jndiQueueName);
return template;
}catch(Exception ex) {
logger.warn("Cannot lookup {} from JNDI queue, using env.properties: {}", jndiQueueName, ex.toString());
}
JmsTemplate jmsTemplate = new JmsTemplate();
jmsTemplate.setConnectionFactory(connFactory);
jmsTemplate.setDefaultDestinationName(env.getProperty("jms.queue.outgoing"));
return jmsTemplate;
} |
|
|
Back to top |
|
|
hughson |
Posted: Tue Sep 28, 2021 5:21 pm Post subject: |
|
|
Padawan
Joined: 09 May 2013 Posts: 1949 Location: Bay of Plenty, New Zealand
|
Where are you setting the environment variable jms.ibmmq.outgoing.user or jms.ibmmq.outgoing.password? I don't see them mentioned when you describe your config.
Cheers,
Morag _________________ Morag Hughson @MoragHughson
IBM MQ Technical Education Specialist
Get your IBM MQ training here!
MQGem Software |
|
Back to top |
|
|
fksouls |
Posted: Tue Sep 28, 2021 11:49 pm Post subject: |
|
|
Newbie
Joined: 28 Sep 2021 Posts: 4
|
I have app.properties file that I put in lib/app_name/ folder. |
|
Back to top |
|
|
|
|
|
|
Page 1 of 1 |
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|
|
|