ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » General Discussion » MQIPT

Post new topic  Reply to topic
 MQIPT « View previous topic :: View next topic » 
Author Message
myQ
PostPosted: Thu Sep 16, 2004 2:43 am    Post subject: MQIPT Reply with quote

Newbie

Joined: 16 Sep 2004
Posts: 1
Have implemented MQIPT so can filter IPs and at the same time implemented Security Exit in MQIPt which makes it possible for user to connect to certain CHANNELS only.

Implemented CHANNEL level Security Exits in MQ server which work in tandem with the Security Exits at client side. HandShake, UserName transfer and then Password transfer and then UserName and Password authentication based on the NT secuirty mechanism i.e. user has to exist in Windows. And then the user can place the message in the desired queue.

But the problem is the user coming from the remote client has to be there in the MQM group. And as soon as you add the user in MQM group he gets all the MQI rights and MQAdmin rights like create, drop, change etc. which is wrong.

I want to give the user only rights for GET on certain queue and PUT in another queue. Queue level rights. Trying to use SETMQAUT and DSPMQAUT but of no use as user can't place the message in he is not in MQM group and as soon as you enter him in MQM group he has all the rights which cannot be altered using the above said commands.
Back to top
View user's profile Send private message
jefflowrey
PostPosted: Thu Sep 16, 2004 4:50 am    Post subject: Reply with quote

Grand Poobah

Joined: 16 Oct 2002
Posts: 19981
You need to give the user the rights to connect to the queue manager, and then the rights you want on each queue.

Please review the documenation for setmqaut.
_________________
I am *not* the model of the modern major general.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » General Discussion » MQIPT
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.