| Author |
Message
|
| GregJ |
 Posted: Fri Apr 05, 2002 12:58 pm Post subject: |
 |
|
Acolyte
Joined: 24 Oct 2001
Posts: 69
Location: Markham, On. Canada
|
We have a client that connects to our server. He has NO variable defined for a user_id. With just that, he cannot connect - no problem
IF I add an id to the svrconn channel MCA_user_ID his connection picks up whatever I write in there and uses it.. I must stress he does not define any user ID on his side.
When I look in the message header of the messages he sends, I see the user identifier is whatever I have defined in the channel user_ID
What is going on? |
|
| Back to top |
|
 |
| PeterPotkay |
| Posted: Fri Apr 05, 2002 1:04 pm Post subject: |
|
|
Poobah
Joined: 15 May 2001
Posts: 7716
|
The MCA_USER_IDENTIFIER of the channel supercedes any value that may be passed along by the client. Use this function carefully!!!
_________________
Peter Potkay
MQSeries Certified Specialist
[ This Message was edited by: PeterPotkay on 2002-04-05 13:05 ] |
|
| Back to top |
|
|
| GregJ |
| Posted: Fri Apr 05, 2002 1:11 pm Post subject: |
|
|
Acolyte
Joined: 24 Oct 2001
Posts: 69
Location: Markham, On. Canada
|
| The problem though is his code picks up the ID specified in OUR SVRCONN channel. How is this possible? |
|
| Back to top |
|
|
| kolban |
| Posted: Fri Apr 05, 2002 8:33 pm Post subject: |
|
|
Grand Master
Joined: 22 May 2001
Posts: 1072
Location: Fort Worth, TX, USA
|
| ... because that is the semantics of explcitly defining an MCA Userid ... if you specify a userid here then NO MATTER WHAT userid the client application supplies (or doesn't supply), authorization will be based on the MCA Userid. |
|
| Back to top |
|
|
| PeterPotkay |
| Posted: Tue Apr 09, 2002 9:04 pm Post subject: |
|
|
Poobah
Joined: 15 May 2001
Posts: 7716
|
by the way, if you have a security exit running, THAT trumps all. The order for user id is...
It uses the user id that started the MCA process,
unless
the client flows a user id, then it uses that,
unless
the MCA_USER_IDENTIFIER is set, in which case that is used
unless
a security exit overides the MCA_USER_IDENTIFIER field and/or the flowed User ID.
_________________
Peter Potkay
Keep Calm and MQ On |
|
| Back to top |
|
|
| sys1mtm |
| Posted: Fri May 03, 2002 6:46 am Post subject: |
|
|
Newbie
Joined: 11 Apr 2002
Posts: 3
|
| Do you have any AS/400 sample security exit programs? - thanks!! |
|
| Back to top |
|
|
|
|
