ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General Discussion » How to protect DB user and password in XA openstream?

Post new topic  Reply to topic
 How to protect DB user and password in XA openstream? « View previous topic :: View next topic » 
Author Message
tiangl
PostPosted: Wed Jan 03, 2007 5:45 pm    Post subject: How to protect DB user and password in XA openstream? Reply with quote

Apprentice

Joined: 19 Nov 2004
Posts: 48
As we know,we set oracle db user and password in XA openstream, but it seems not security enough, cause this information is clear text for each OS user who can access qm.ini. is there any way to protect this ?

thanks!

XAResourceManager:
Name=OracleDB
SwitchFile=jdbcora
XAOpenString=+Acc=P/testuser/secret+SesTm=35+DB=testdb+threads=true
ThreadOfControl=THREAD
Back to top
View user's profile Send private message MSN Messenger
mvic
PostPosted: Wed Jan 03, 2007 6:30 pm    Post subject: Re: How to protect DB user and password in XA openstream? Reply with quote

Jedi

Joined: 09 Mar 2004
Posts: 2080
tiangl wrote:
is there any way to protect this ?

Yes, but it would involve writing some C code for a special "switch load file". You would have to write a vector function for xa_open and introduce some other method for inserting your desired xa_info string into the xa_open call. Your other security parameters (eg. who can run apps, who can login to your machine, what control do these users have over what they run) will be relevant here. Bear in mind that every app that calls MQBEGIN, and potentially several queue manager processes running as uid:mqm gid:mqm will need to be able to read qm.ini and the switch load file at run time.

The safest option, when using XA, is to have the machine highly restrictive re. interactive logins, and other general user privileges.
Back to top
View user's profile Send private message
tiangl
PostPosted: Thu Jan 04, 2007 1:35 am    Post subject: Reply with quote

Apprentice

Joined: 19 Nov 2004
Posts: 48
thanks a lot, Mvic
Back to top
View user's profile Send private message MSN Messenger
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General Discussion » How to protect DB user and password in XA openstream?
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.