| Author |
Message
|
| BashManBTech |
 Posted: Thu Jan 11, 2007 11:16 am Post subject: Connecting to a Q with a user name an password |
 |
|
Newbie
Joined: 09 Jan 2007
Posts: 4
Location: AZ
|
Hi,
I am pretty new to MQ. I am trying to connect to queue using both MQCONN and with MQCONNX. However, I have a to use a user name and password to connect to the MQ hub.
Can anyone show me an example of how I can connect with using both the MQCONN and MQCONNX with the following information. Oh, I need to do this in C.
hostnames: efkxtsthub02r
port:: 1424
queuemanager:: AAGW02
channel:: AATEST.SVRCONN
With the following queues defined:
for MQI and point-to-point testing
AATEST.QUEUE.01
Just a simple C program will do. Thanks for the help.
_________________
BashMan |
|
| Back to top |
|
 |
| Gaya3 |
| Posted: Thu Jan 11, 2007 6:48 pm Post subject: |
|
|
Jedi
Joined: 12 Sep 2006
Posts: 2493
Location: Boston, US
|
Hi
you can even think of exit programming here.
Use a temp queue which tried to put msg, while transfering use exit programming and places the message in the original queue.
The exit programming should authticate and authorize it and place the messages in the exact queue
OR
Use a condition where it checks the username and password in your
C program before connecting to the queue manager.
if (Check user id & password == true)
{
Connect to queue manager
open
put
close
disconnect
}
Thanks and Regards
Gayathri
_________________
Regards
Gayathri
-----------------------------------------------
Do Something Before you Die |
|
| Back to top |
|
|
| Vitor |
| Posted: Fri Jan 12, 2007 12:12 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| Gaya3 wrote: |
you can even think of exit programming here.
|
BashManBTech - don't even think of this! Exit programming is a complex topic and a good way to foul up your queue manager if you get it wrong (or slightly not right).
It's also a sledgehammer to crack a nut. MQ has enough security built in to deal with your requirements - all you're trying to do is set up a client connection as laid out in the Clients manual. There's example code shipped with the product if you need something to crib, or you can look here:
http://www-304.ibm.com/jct09002c/isv/tech/sampmq.html
If you do have a requirement for something stronger than the out-of-the-box security, I draw your attention to the security products from Capitalware. You'll find a section on this forum about them, but they include a security exit which has to be better than trying as a newbie (no disrespect intended - we were all there once) to roll your own. Aside from the fact you're reinventing a wheel which is already fairly circular.
I'll leave you to browse through the information on the products, and leave it for Roger to do the sales pitch for his exit.
(No part of this post should be taken as an endorsement, recommendation or evaluation, positive or negative, for any of the products and/or services mentioned.  )
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| Vitor |
| Posted: Fri Jan 12, 2007 1:31 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| Gaya3 wrote: |
Use a condition where it checks the username and password in your
C program before connecting to the queue manager.
if (Check user id & password == true)
{
Connect to queue manager
open
put
close
disconnect
}
|
This assumes that the C program has access to the OS authentication API or the user id / password combination is stored someplace that the C program can read. The latter is a security risk, aside from the maintenance issues, the former is not too much better.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| jefflowrey |
| Posted: Fri Jan 12, 2007 2:28 am Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
BashManBtech - is this an existing "MQ Hub", that other people are already connecting to using a user name and password? Or are you also putting together the MQ Hub?
Also, regardless of which call - MQCONN or MQCONNX - you use, the C MQ Client API will use the userid that is running the program to authenticate against the queue manager. You can't change this.
There are several example programs for using MQCONN and MQCONNX that come with WebSphere MQ - they may already be installed on your machine.
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
|
| BashManBTech |
| Posted: Fri Jan 12, 2007 6:15 am Post subject: |
|
|
Newbie
Joined: 09 Jan 2007
Posts: 4
Location: AZ
|
| jefflowrey wrote: |
BashManBtech - is this an existing "MQ Hub", that other people are already connecting to using a user name and password? Or are you also putting together the MQ Hub?
Also, regardless of which call - MQCONN or MQCONNX - you use, the C MQ Client API will use the userid that is running the program to authenticate against the queue manager. You can't change this.
|
=============
Hi,
Yes, this is indeed an existing MQ Hub in which others are using a username and password. However, they are doing it in Java. I have installed the client on my laptop. Is there not a way to set the MQ userid and password just for running the program?
Thanks,
_________________
BashMan |
|
| Back to top |
|
|
| jefflowrey |
| Posted: Fri Jan 12, 2007 6:23 am Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
You'll need to use MQCONNX and a client-side security exit.
The C API otherwise always sends only the OS user id.
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
|
| BashManBTech |
| Posted: Fri Jan 12, 2007 6:24 am Post subject: |
|
|
Newbie
Joined: 09 Jan 2007
Posts: 4
Location: AZ
|
| Vitor wrote: |
all you're trying to do is set up a client connection as laid out in the Clients manual. |
===========
Hi,
Yes, that is correct. I just want to connect to a queue with a user name and password. I have been looking at some C examples, and it is not clear to me where I would actually pass that information in. I will post the code and results that I am getting. Thanks for the help so far.
_________________
BashMan |
|
| Back to top |
|
|
| BashManBTech |
| Posted: Fri Jan 12, 2007 6:27 am Post subject: |
|
|
Newbie
Joined: 09 Jan 2007
Posts: 4
Location: AZ
|
| jefflowrey wrote: |
You'll need to use MQCONNX and a client-side security exit.
The C API otherwise always sends only the OS user id. |
===========
Are there any sample C code examples that I look at or do you have any detailed examples ? Thanks for the help thus far.
_________________
BashMan |
|
| Back to top |
|
|
| Vitor |
| Posted: Fri Jan 12, 2007 6:28 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| BashManBTech wrote: |
Yes, that is correct. I just want to connect to a queue with a user name and password. I have been looking at some C examples, and it is not clear to me where I would actually pass that information in. I will post the code and results that I am getting. Thanks for the help so far. |
As jefflowrey points out, this is not possible out of the box with a C API and I stand by my previous comments regarding writing exits!
I'm still unclear why you require this functionality over and above the standard MQ security. Perhaps you could post a bit more about your requirements... 
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| jefflowrey |
| Posted: Fri Jan 12, 2007 6:38 am Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
There is sample code for doing MQCONNX that comes with MQ.
If you search around here for a bit, you can find a posting by Roger Lacroix that contains a dummy security exit.
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
|
| Vitor |
| Posted: Fri Jan 12, 2007 6:41 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| jefflowrey wrote: |
| you can find a posting by Roger Lacroix that contains a dummy security exit. |
Thank you - I knew there was such a posting & I've been looking for it on and off all day! Half convinced I'd dreamed it up.... 
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
|
|
