ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » Archives - All » MQ Visual Edit Security

This forum is locked: you cannot post, reply to, or edit topics.  This topic is locked: you cannot edit posts or make replies.
 MQ Visual Edit Security « View previous topic :: View next topic » 
Author Message
Lloyd
PostPosted: Mon Mar 14, 2005 7:42 am    Post subject: MQ Visual Edit Security Reply with quote

Guest
We would like to use MQ Visual Edit in a development environment but need to restrict access to certain development and production MQ Managers. I know MQ Visual Edit is not a security package but is there anyway we can do this with the product. I have read about CommProfileDB. Will this work and does it come standard with a copy of MQ Visual Edit ? Please help. Thanks.
Back to top
RogerLacroix
PostPosted: Mon Mar 14, 2005 10:48 am    Post subject: Reply with quote

Jedi Knight

Joined: 15 May 2001
Posts: 3253
Location: London, ON Canada
Hi Lloyd,

It is really difficult to put the security burden on MQ Visual Edit or any other messaging editing tool. I have put some features in MQ Visual Edit for security but what if you have a developer writes their own Java program to access your queue manager. There would be nothing to stop them.

The best place to do security checking is at the queue manager. You can install a security exit at the queue manager to do basic checks like IP address, UserID, etc… or you can go with a pair of exits (both client-side & server-side) that would do full authentication (UserID, Password and optionally domain) of a user.

We are currently beta-testing an Authenticate User Security Exit solution. For more info see:
http://www.mqseries.net/phpBB2/viewtopic.php?t=20113

For MQ Visual Edit, there are 2 features that can be enabled:
- Lock the UserID to the logged on Windows UserID
- Lock the user to using a specific CommProfileDB file (CommProfileDB stores the queue manager connection info).

Again, if a user creates their own MQ program, the MQ Visual Edit solutions listed above will not have any effect.

Regards,
Roger Lacroix
Capitalware Inc.
_________________
Capitalware: Transforming tomorrow into today.
Connected to MQ!
Twitter
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.  This topic is locked: you cannot edit posts or make replies. Page 1 of 1

MQSeries.net Forum Index » Archives - All » MQ Visual Edit Security
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.