| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Passing Digital Signatures |
« View previous topic :: View next topic » |
| Author |
Message
|
| nitikavi |
 Posted: Sun Jun 19, 2005 8:08 am Post subject: Passing Digital Signatures |
 |
|
Newbie
Joined: 19 Jan 2005
Posts: 8
|
Hi
We are trhying to implement digital signatures for MQ messages.
The expection is that sender MQ client signs a message before sending it and the receiver validates the same.
However in order to prevent the change in the message structure, we are trying to see if we can separate the digital signature from the message it self.
What I mean is that message will continue to be passed as it is now, but the digital signature will be passed separately. To do this , one option is to pass the digital signature as a part of the message header. But we are unable to find a suitable field for the same. We tried accountingToken but it is not big enough to hold the signature.
The other option was to send the message as a object using the
msg.writeObject() call, but this solution would work for Java programs, but one of MQ client is a AS400 program also. I am not sure what effect it would have on the AS400 program
The 3rd Option is to send the signature on a different quque as a normal message but it would bear the same correl id as the origimal message, bu I am not sure if this is a clean approach
Has anybody tried to sign messages digitally? If yes can somebody help me? I have sort of hit a road block on this and would appreciate a quick response
Please note that our MQ clients are both Java and AS400 programs. |
|
| Back to top |
|
 |
| jefflowrey |
| Posted: Sun Jun 19, 2005 9:19 am Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
Usually, digital signatures are attached to the encrypted text they have been used to sign.
There is no room in the plain MQMD for what you want. There is room in an MQRFH2 header for what you want - this would be accessed from Java (or at least JMS) using "setProperty" on the message. And can be accessed using standard coding practices on the AS/400.
You can also simply prepend or append the signature to the body, with some sort of delimiter to indicate the distinction between the two parts.
Regardless of where you put this additional information, you will have to change the AS/400 program, so that it knows where to look for the new information and what to do with it! Or you will have to put a program of some kind "in front" of the AS/400 program that translates the message into something that the AS/400 already knows about.
Using MQ to pass Java objects is, to my mind, always a bad idea because it is always proprietary and may not solve the problems you want it to solve. And using JAXB or Castor is just as simple, and is more robust and flexible.
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
|
| nitikavi |
| Posted: Tue Jun 28, 2005 6:23 pm Post subject: |
|
|
Newbie
Joined: 19 Jan 2005
Posts: 8
|
Hi Jeff
Thanks for the reply, however I am still struggling to find out how to access RFH2 using Java MQ APIs.
Can you please help?
Or suggest a different approach. |
|
| Back to top |
|
|
| EddieA |
| Posted: Tue Jun 28, 2005 11:09 pm Post subject: |
|
|
Jedi
Joined: 28 Jun 2001
Posts: 2453
Location: Los Angeles
|
| Quote: |
| I am still struggling to find out how to access RFH2 using Java MQ API |
Have you tried searching this site. There have been a couple of posts about "dis-assembling" an RFH2 header in Java. In fact, I posted one. Basically, you have to read it field by field. Only JMS provides the methods to read the Properties directly.
Cheers,
_________________
Eddie Atherton
IBM Certified Solution Developer - WebSphere Message Broker V6.1
IBM Certified Solution Developer - WebSphere Message Broker V7.0 |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
