| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| When defining a Receiver channel |
« View previous topic :: View next topic » |
| Author |
Message
|
| chango |
 Posted: Wed Jan 21, 2009 5:39 pm Post subject: When defining a Receiver channel |
 |
|
Newbie
Joined: 08 Jan 2009
Posts: 7
|
When I define a receiver channel I am getting the fields in the MCAUSER,SCYDATA and SCYEXIT like the display shown below.
define channel(SMP812QM.PQS814QM) chltype(RCVR) trptype(TCP)
3 : define channel(SMP812QM.PQS814QM) chltype(RCVR) trptype(TCP)
AMQ8014: WebSphere MQ channel created.
dis chl(SMP812QM.PQS814QM)
4 : dis chl(SMP812QM.PQS814QM)
AMQ8414: Display Channel details.
CHANNEL(SMP812QM.PQS814QM) CHLTYPE(RCVR)
ALTDATE(2009-01-21) ALTTIME(17.05.19)
BATCHSZ(50) COMPHDR(NONE)
COMPMSG(NONE) DESCR( )
HBINT(300) KAINT(AUTO)
MAXMSGL(4194304) MCAUSER(nobody)
MONCHL(OFF) MRDATA( )
MREXIT( ) MRRTY(10)
MRTMR(1000) MSGDATA( )
MSGEXIT( ) NPMSPEED(FAST)
PUTAUT(DEF) RCVDATA( )
RCVEXIT( ) SCYDATA(*
SCYEXIT(PWServer(PWExit)) SENDDATA( )
SENDEXIT( ) SEQWRAP(999999999)
SSLCAUTH(REQUIRED) SSLCIPH( )
SSLPEER( ) STATCHL(OFF)
TRPTYPE(TCP)
But on the sender side that does not seem to appear
1 : dis chl(SMP812QM.PQS814QM)
AMQ8414: Display Channel details.
CHANNEL(SMP812QM.PQS814QM) CHLTYPE(SDR)
ALTDATE(2009-01-20) ALTTIME(13.19.29)
BATCHHB(0) BATCHINT(0)
BATCHSZ(50) COMPHDR(NONE)
COMPMSG(NONE)
CONNAME(35.225.14.208(1414))
CONVERT(NO) DESCR( )
DISCINT(6000) HBINT(300)
KAINT(AUTO) LOCLADDR( )
LONGRTY(999999999) LONGTMR(1200)
MAXMSGL(4194304) MCANAME( )
MCATYPE(PROCESS) MCAUSER( )
MODENAME( ) MONCHL(QMGR)
MSGDATA( ) MSGEXIT( )
NPMSPEED(FAST) PASSWORD( )
RCVDATA( ) RCVEXIT( )
SCYDATA( ) SCYEXIT( )
SENDDATA( ) SENDEXIT( )
SEQWRAP(999999999) SHORTRTY(10)
SHORTTMR(60) SSLCIPH( )
SSLPEER( ) STATCHL(QMGR)
TPNAME( ) TRPTYPE(TCP)
USERID( ) XMITQ(PQS814QM)
I could not try to start the channel as both were production servers and the same does not seem to appear on the test servers.
My doubt is whether the channel will be running when I issue the start command getting the approval from the customer
If no how to get the fields to be blank while I define the receiver channel or do I need to Issue the below command always when creating a receiver channel
alter chl(SMP812QM.PQS814QM) mcauser('') scyexit('') scydata('') |
|
| Back to top |
|
 |
| fjb_saper |
| Posted: Wed Jan 21, 2009 9:09 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
You could try:
| Code: |
define channel(SMP812QM.PQS814QM) chltype(RCVR) trptype(TCP) +
mcauser('') scyexit('') scydata('') replace |
Somebody on your system (presumably the mqadmin) changed the SYSTEM.DEFAULT.RCVR.CHANNEL object. As a good thing he/she added an mcauser of nobody so the channel could not be run as is. Why there is a user exit in the default receiver channel definition only your mq admin could tell.
I would suggest you really talk to your mqadmin before setting up that channel.
Have fun 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| bruce2359 |
| Posted: Thu Jan 22, 2009 7:11 am Post subject: |
|
|
Poobah
Joined: 05 Jan 2008
Posts: 9469
Location: US: west coast, almost. Otherwise, enroute.
|
When WMQ is installed, message channels are unsecured. This is a well-documented place to hack into your qmgr.
mcauser of nobody is recommended to compensate for this. Setting mcauser to something non-blank is a best practice. It is likely that your security domain has rules that forbid 'nobody.'
Ponder this: if mcauser is blank (the default) any message arriving at a receiver channel MCA will be put to a queue using the authority of who/what started the channel - typically mqm or sysadmin userids. In this scenario, a hacker with WMQ installed (it's free to download) could put a message to the command input queue OR to any other queue.
Creating new channels without mcauser is an invitation to be hacked. As advised earlier in this post, check with a more-experienced sysadmin before you create new channels, so that you don't create a security exposure.
_________________
I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live. |
|
| Back to top |
|
|
| Pats21 |
| Posted: Mon Jan 26, 2009 2:02 am Post subject: |
|
|
Disciple
Joined: 08 Sep 2006
Posts: 154
|
Just for my information.
Would not the firewall against the servers prevent from anyone from connecting to the servers?
I thought that having a firewall would prevent anyone connecting to your machines.
Do share your thoughts.
Pats ... |
|
| Back to top |
|
|
| Mr Butcher |
| Posted: Mon Jan 26, 2009 2:37 am Post subject: |
|
|
Padawan
Joined: 23 May 2005
Posts: 1716
|
what about inhouse connections? or routed connections? or errors in firewall definitions? or .... or .... or .....
_________________
Regards, Butcher |
|
| Back to top |
|
|
| bruce2359 |
| Posted: Mon Jan 26, 2009 7:58 am Post subject: |
|
|
Poobah
Joined: 05 Jan 2008
Posts: 9469
Location: US: west coast, almost. Otherwise, enroute.
|
Security is like an onion, it is comprised of many layers. SSL, firewalls and o/s-level security, are part of security.
_________________
I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live. |
|
| Back to top |
|
|
| Pats21 |
| Posted: Tue Jan 27, 2009 11:33 am Post subject: |
|
|
Disciple
Joined: 08 Sep 2006
Posts: 154
|
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
