| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Authorizing an user, who is connecting thru internet.. |
« View previous topic :: View next topic » |
| Author |
Message
|
| gr3ymatt3r |
 Posted: Wed Aug 29, 2007 1:56 am Post subject: Authorizing an user, who is connecting thru internet.. |
 |
|
Novice
Joined: 25 Aug 2007
Posts: 11
|
Hi,
what is the possible way of Authorizing a User to access the queue on the Qmanager, where the user wants to connect from the internet.....
1) from a ip address
2) from any machine...lets say machine in a cyber cafe having websphere client.
Thanks. |
|
| Back to top |
|
 |
| Vitor |
| Posted: Wed Aug 29, 2007 2:21 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
I'm interested in the requirement you're trying to meet here. Also what network security you already have in place; typically the sort of servers that host queue managers are not directly connected to the external network in the way you imply. Is your queue manager in a DMZ (or similar)?
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| jefflowrey |
| Posted: Wed Aug 29, 2007 3:00 am Post subject: |
|
|
Grand Poobah
Joined: 16 Oct 2002
Posts: 19981
|
You're not trying to AUTHORIZE a user. You're trying to AUTHENTICATE a user.
And MQ doesn't do that.
Authenticate means "decide if the user is who they say they are".
Authorize means "allow a named user to do X, Y or Z".
MQ provides for authorization, but NOT for Authentication. It relies on the underlying OS of the remote system to perform the authentication in the case of client channels - or relies on the MCAUser.
There are various product extensions you can use to provide more robust authentication.
Two minutes searching should find you one of Roger Lacroix's recent posts on the subject.
_________________
I am *not* the model of the modern major general. |
|
| Back to top |
|
|
| RogerLacroix |
| Posted: Wed Aug 29, 2007 10:52 am Post subject: |
|
|
Jedi Knight
Joined: 15 May 2001
Posts: 3264
Location: London, ON Canada
|
| jefflowrey wrote: |
| Two minutes searching should find you one of Roger Lacroix's recent posts on the subject. |
Thanks Jeff. 
The MQ Authenticate User Security Exit is a solution that allows a company to fully authenticate a user who is accessing a WebSphere MQ resource. It verifies the User's UserID and Password (and possibly Domain Name) against the server's native OS system (or domain controller) or a remote LDAP server.
Regards,
Roger Lacroix
Capitalware Inc.
_________________
Capitalware: Transforming tomorrow into today.
Connected to MQ!
Twitter |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
