ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » UsernamePassword Propagation for Long Usernames

Post new topic  Reply to topic
 UsernamePassword Propagation for Long Usernames « View previous topic :: View next topic » 
Author Message
jayZ
PostPosted: Mon Jun 10, 2013 11:58 am    Post subject: UsernamePassword Propagation for Long Usernames Reply with quote

Acolyte

Joined: 03 Jun 2008
Posts: 71
I am attempting to apply multiple levels of security in a message flow and have run into an issue with names longer than 12 characters. The scenario is like this:

1. SOAP Input Authenitcates User
2. Flow Passes Request to One of Many Provider Flow Flows
3. MQ Input on the Provider Message Flow Authenticates and Authorizes User for the Prodiver Service

This approach is being used because different policys may be enforced depending on the provider.

My problem is when the username is longer than 12 characters, it gets truncated. After checking the infocenter, I found that there is a field (MQ_USER_ID_LENGTH) that can be used to specify the length, the default being 12. What I couldn't find is how to change that field when an MQOuput node is doing the putting.
In the meantime, I am requesting a new user with a shorter name for the rest of my testing. However, that is only a bandaid because our current user is longer than that limit.

[/list]
Back to top
View user's profile Send private message
mqjeff
PostPosted: Mon Jun 10, 2013 12:11 pm    Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447
You are in a twisty maze of user identifiers, all different.

12 is the maximum size of the MQMD User Identifier field.

Use SOAP over JMS to pass the SOAP Envelope, including the WS-Security Headers, in the MQ message body. And then replace the MQInput with a SOAPInput.

You can't authenticate an MQ user without additional information that can not be carried in the MQMD. You can only authorize them.
Back to top
View user's profile Send private message
jayZ
PostPosted: Mon Jun 10, 2013 12:15 pm    Post subject: Reply with quote

Acolyte

Joined: 03 Jun 2008
Posts: 71
Simple and elegant, wish I had taken a step back and thought of that!

Thanks!
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » UsernamePassword Propagation for Long Usernames
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.