| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Authorization |
« View previous topic :: View next topic » |
| Author |
Message
|
| cturner |
 Posted: Mon Aug 18, 2003 9:20 am Post subject: Authorization |
 |
|
Newbie
Joined: 21 Aug 2002
Posts: 9
Location: Apex, NC
|
I have a customer that is asking if they can set security on a channel to only access certain queues/objects. Initially, I told them it wasn't possible but now they read something and seem to think it is possible.
Basically, they will have about 7 sender/receiver channels coming from 7 different places and they want to secure the connections and queus so that the 7 different places will not be able to see or access each others queues and channels.
Any help appreciated, thanks. |
|
| Back to top |
|
 |
| Reconda |
| Posted: Mon Aug 18, 2003 12:48 pm Post subject: |
|
|
Apprentice
Joined: 20 Jun 2002
Posts: 40
|
Hi,
You can accomplish this by using our QN-AppWatch for MQ product. QN-AppWatch provides highly secure customized views so that users only see/touch what you want them to see/touch. This level of granularity goes down to the channel and message level. You can visit our website at www.reconda.com to learn more. |
|
| Back to top |
|
|
| interactivechannel |
| Posted: Wed Aug 20, 2003 12:16 am Post subject: |
|
|
Voyager
Joined: 20 May 2003
Posts: 94
Location: uk
|
| Set the MCAUSER on the channel. |
|
| Back to top |
|
|
| jefflowrey |
| Posted: Wed Aug 20, 2003 11:11 am Post subject: Re: Authorization |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
| cturner wrote: |
I have a customer that is asking if they can set security on a channel to only access certain queues/objects. Initially, I told them it wasn't possible but now they read something and seem to think it is possible.
Basically, they will have about 7 sender/receiver channels coming from 7 different places and they want to secure the connections and queus so that the 7 different places will not be able to see or access each others queues and channels. |
This is basic MQSeries security. MQSeries objects have permissions on them, and those permissions are granted to defined users. If each of the 7 different places are running their applications as different users, then use setmqaut or dspmqaut to manage the permissions for each of those users.
If each of those 7 different places aren't running their apps as different users, and you aren't otherwise authenicating them, then you could set the MCAUser on the channel as someone else suggested and then assign priviledges for each of those users. However, all that means is that anyone who connects to that channel has the rights assigned to the user defined to the channel. |
|
| Back to top |
|
|
| EddieA |
| Posted: Wed Aug 20, 2003 11:27 am Post subject: |
|
|
Jedi
Joined: 28 Jun 2001
Posts: 2453
Location: Los Angeles
|
| Quote: |
This is basic MQSeries security. MQSeries objects have permissions on them, and those permissions are granted to defined users. If each of the 7 different places are running their applications as different users, then use setmqaut or dspmqaut to manage the permissions for each of those users.
|
If you do this for the local queues where the messages will arrive, then don't forget to change the Receiver channel to use Put Authority = Context.
Cheers,
_________________
Eddie Atherton
IBM Certified Solution Developer - WebSphere Message Broker V6.1
IBM Certified Solution Developer - WebSphere Message Broker V7.0 |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
