| Author |
Message
|
| phaniIIB |
 Posted: Tue Jul 28, 2015 6:12 am Post subject: To access file read content in Java compute node |
 |
|
Acolyte
Joined: 28 Jul 2015
Posts: 51
|
Can we access file read content(that reads a csv properties file) and incoming message tree elements simultaneously in Java compute node.
Scenario : I wanted to validate the incoming message content using the data persisted in properties file. Can any one suggest how to do this task best. |
|
| Back to top |
|
 |
| mqjeff |
| Posted: Tue Jul 28, 2015 6:18 am Post subject: Re: To access file read content in Java compute node |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| phaniIIB wrote: |
| Scenario : I wanted to validate the incoming message content using the data persisted in properties file. Can any one suggest how to do this task best. |
Don't do this.
Do this using the native features of IIB - that is, using a DFDL model or XMLNSC schema. |
|
| Back to top |
|
|
| phaniIIB |
| Posted: Tue Jul 28, 2015 6:41 am Post subject: |
|
|
Acolyte
Joined: 28 Jul 2015
Posts: 51
|
I used DFDL model to parse csv content from File Read but the question here is can I access my csv file content and the incoming message content in the java compute node.
In other words can java compute node have 2 inputs simultaneously. Did I make some sense?
Thanks in advance |
|
| Back to top |
|
|
| smdavies99 |
| Posted: Tue Jul 28, 2015 6:58 am Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
IIB/Broker is not a J2EE server. You need to develop a different approach to developing your solution
A JCN can only have one input at a time.
As has been said do your validation in the DFDL parser.
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| phaniIIB |
| Posted: Tue Jul 28, 2015 7:04 am Post subject: |
|
|
Acolyte
Joined: 28 Jul 2015
Posts: 51
|
By validation I meant is lookup into the file. I completely didn't understand how I can do that in DFDL parser.
Anyways, let me make it straight forward. I store authentication credentials in a file which I wanted to access in my java compute node for authenticating the incoming data.
What is the best approach to do this? |
|
| Back to top |
|
|
| mqjeff |
| Posted: Tue Jul 28, 2015 7:17 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| phaniIIB wrote: |
By validation I meant is lookup into the file. I completely didn't understand how I can do that in DFDL parser.
Anyways, let me make it straight forward. I store authentication credentials in a file which I wanted to access in my java compute node for authenticating the incoming data.
What is the best approach to do this? |
Use the authentication properties of IIB.
Throw away the notion of using a properties file entirely. |
|
| Back to top |
|
|
| Vitor |
| Posted: Tue Jul 28, 2015 7:27 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| mqjeff wrote: |
| phaniIIB wrote: |
By validation I meant is lookup into the file. I completely didn't understand how I can do that in DFDL parser.
Anyways, let me make it straight forward. I store authentication credentials in a file which I wanted to access in my java compute node for authenticating the incoming data.
What is the best approach to do this? |
Use the authentication properties of IIB.
Throw away the notion of using a properties file entirely. |
Not only are you reinventing a wheel, storing credentials in a file is much less secure than storing them inside the IBM software.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| Vitor |
| Posted: Tue Jul 28, 2015 7:29 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| phaniIIB wrote: |
| In other words can java compute node have 2 inputs simultaneously. |
No.
| phaniIIB wrote: |
| Did I make some sense? |
No. Nothing about this design makes sense. Back up and start again.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| phaniIIB |
| Posted: Tue Jul 28, 2015 8:07 am Post subject: |
|
|
Acolyte
Joined: 28 Jul 2015
Posts: 51
|
| Thanks for your inputs. I was just going through the Basic identity propagation security in Knowledge center. Seems to be pretty interesting. Can any one of you provide a sample for me to understand clearly or any links that clearly explain how to implement security. |
|
| Back to top |
|
|
| Vitor |
| Posted: Tue Jul 28, 2015 9:09 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| phaniIIB wrote: |
| I was just going through the Basic identity propagation security in Knowledge center. |
Congratulations on finding it.
| phaniIIB wrote: |
| Seems to be pretty interesting. |
Also useful.
| phaniIIB wrote: |
| Can any one of you provide a sample for me to understand clearly or any links that clearly explain how to implement security. |
Start here and here, then keep reading.
There's a specific set of samples provided with the Toolkit that deal with Security.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| phaniIIB |
| Posted: Tue Jul 28, 2015 10:40 am Post subject: |
|
|
Acolyte
Joined: 28 Jul 2015
Posts: 51
|
Thanks a lot Vitor and mqjeff, I was going through the Message Flow Security pages in IIB especially the Authentication and Validation, Identity propagation security.
As per my understanding, there is a security manager that extracts the credentials from HTTP header(for instance) and passes it on to 3rd party security providers like LDAP, IWA etc.,
My doubt is if I am not able to afford for a 3rd party security provider what is the alternative to do for security. |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Tue Jul 28, 2015 11:03 am Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| phaniIIB wrote: |
Thanks a lot Vitor and mqjeff, I was going through the Message Flow Security pages in IIB especially the Authentication and Validation, Identity propagation security.
As per my understanding, there is a security manager that extracts the credentials from HTTP header(for instance) and passes it on to 3rd party security providers like LDAP, IWA etc.,
My doubt is if I am not able to afford for a 3rd party security provider what is the alternative to do for security. |
The alternative is to use a DB. At least this way you can have the data encrypted at rest... and as I don't expect the table to reach any size it can be cached at the DB level... 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| mqjeff |
| Posted: Tue Jul 28, 2015 11:13 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
There are open source LDAP servers.
IWA is built into Windows. |
|
| Back to top |
|
|
| Vitor |
| Posted: Tue Jul 28, 2015 11:20 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| phaniIIB wrote: |
| My doubt is if I am not able to afford for a 3rd party security provider what is the alternative to do for security. |
Accept that your service is vulnerable?
In your original plan, the credentials are available to anyone with file system access. In the alternative suggested by my associate, they're vulnerable to anyone with SELECT authority. What's the cost of unauthorized access?
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| phaniIIB |
| Posted: Tue Jul 28, 2015 11:44 am Post subject: |
|
|
Acolyte
Joined: 28 Jul 2015
Posts: 51
|
Our's is a real time analytics use case. So the chances of unauthorised access is zero. How ever we don't want any unauthorised user to enter into our system.
I have 4 options with me now,
1. File Read and Shared Variables
2. User defined Configurable Service
3. Global Cache
4. Identity propagation security |
|
| Back to top |
|
|
|
|
