| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| MSA User ID Behavior |
« View previous topic :: View next topic » |
| Author |
Message
|
| klobubj |
 Posted: Fri May 18, 2007 3:42 am Post subject: MSA User ID Behavior |
 |
|
Newbie
Joined: 18 May 2007
Posts: 4
Location: Pittsburgh Pa
|
I'm in the process of setting up intercommunication between our organization and a business partner. In the interest of conntrolling the access to a specific QManager and Queue in our environment, I flipped the Put Authority to Context on our recieve channel and Set the MCA User Id to a internally known account. Subsequently, I've secured the Qmanager and Queue as tightly as resonable using this account.
The channel starts fine...presumably in the context of our known account. However, when our business partner sends a message it goes to dead letter in the context of an account they are using basically because it's not secured to put on the application queue. My expectation was that the context would change to the MCA user...even on the put.
Am I all wet? Do I need to create a mirrored account and secure it? Any other suggestions?
P.S. I am also implementing BlockIP as a security exit. |
|
| Back to top |
|
 |
| Michael Dag |
| Posted: Fri May 18, 2007 3:46 am Post subject: |
|
|
Jedi Knight
Joined: 13 Jun 2002
Posts: 2607
Location: The Netherlands (Amsterdam)
|
if you set the channel putaut to ctx (context) like you did, this is exactly what happens,
the userid in the mqmd of the message is used to put to the queue and since it doesn't exist in your environment it is not authorised to do so.
setting the MCAUSER on the channel has no effect in this situation.
_________________
Michael
MQSystems Facebook page |
|
| Back to top |
|
|
| klobubj |
| Posted: Wed May 23, 2007 10:28 am Post subject: Still confused |
|
|
Newbie
Joined: 18 May 2007
Posts: 4
Location: Pittsburgh Pa
|
| I'm not sure I understand why MCA User ID has nothing to do with it. The Message was ultimately put to the Dead letter queue in the context of my MCA user ID. Nowhere else is that account configured. |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed May 23, 2007 12:52 pm Post subject: Re: Still confused |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| klobubj wrote: |
| I'm not sure I understand why MCA User ID has nothing to do with it. The Message was ultimately put to the Dead letter queue in the context of my MCA user ID. Nowhere else is that account configured. |
What Michael is trying to diplomatically tell you is that in order for it to work as you expect you do not want the channel putaut set to ctx.
Working as designed. Moving on... 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
