| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Authentication Exit Issue |
« View previous topic :: View next topic » |
| Author |
Message
|
| amittalekar |
 Posted: Wed Apr 10, 2002 4:55 pm Post subject: |
 |
|
Disciple
Joined: 03 Apr 2002
Posts: 166
Location: VA, USA
|
Hi
I am using MQ WorkFlow version 3.3.0. We applied service pack 3.
I couldn't find out sample code for authentication exit in MQWF 3.3.0 CD.
I have already gone through Installable & Programmable guide .
Configuration details are as follows :-
WorkFlow server and java corba agent both running on the same server.
Authentication client is running from the remote machine.
I am using logon3 API for this perpose.
Steps followed:-
1) put the authentication class in com.ibm.workflow.java.exit package
2) put this package in the path visible to WorkFlow server.
3) set RTAuthenticationExitTypeServer server variable to JAVA.
4) restarted the WorkFlow server.
5) run authentication client.
I am always getting "Not Authorized" error.
My authentication class is never called by server.I varified this by creating
traces using "fmczchk -dc trc:99" command.
Can please anybody help me to solve this problem.
Waiting for ur valuable input.
Thanks & Regards
Amit |
|
| Back to top |
|
 |
| JImmy |
| Posted: Thu Apr 11, 2002 2:13 am Post subject: |
|
|
Acolyte
Joined: 23 Feb 2002
Posts: 59
Location: Shanghai, China
|
Amit,
I think maybe you did not set the correct CLASSPATH for MQWF Adminstration Server. If you are using Windows, set the system property "CLASSPATH" and append the authentication exit classes. Ensure that your authentication exit class name is com.ibm.workflow.java.exit.Authentication. If you are the first time changing the CLASSPATH, be sure to RESTART the computer. Restart the service can not make the change to take effect.
And if you need the sample code I am using, I will post it later.
Good Luck. |
|
| Back to top |
|
|
| amittalekar |
| Posted: Thu Apr 11, 2002 5:25 am Post subject: |
|
|
Disciple
Joined: 03 Apr 2002
Posts: 166
Location: VA, USA
|
Hi Jimmy,
I put the authentication.class source in com.ibm.workflow.java.exit package.
This package is in the folder c:/test. The folder c:/test is in the system classpath. I restarted the machine after setting classpath. But still WQWF server unable to find it.
Can you please send me sample code you are using. Also please advice me the detail steps you followed to implement Authentication exit.
Waiting for your response
Thanks & Regards,
Amit |
|
| Back to top |
|
|
| JImmy |
| Posted: Thu Apr 11, 2002 4:30 pm Post subject: |
|
|
Acolyte
Joined: 23 Feb 2002
Posts: 59
Location: Shanghai, China
|
Amit,
The exception "Not Authorized" indicates that neither you define the authentication exit nor you define correct entry in the authentication exit. So you must have method authenticate() in your Authentication.java file. I performed the following steps and the sample works fine:
1. Implement the authentication class, the following code is extracted from Authentication.java file, using com.ibm.workflow.java.exit as the package name in the file. I just use a very sample method to do authentication, which consider that the format of credential string like "userid:password". And no user mapping and no password checking.
----------------------------------------------------------------------------
public static int authenticate(Hashtable exitParam)
{
String FMC_NEXT_PHASE = "NextPhase";
String FMC_LOGON_ACCEPTED = "LogonAccepted";
String FMC_LOGON_DENIED = "LogonDenied";
String FMC_ERROR = "Error";
int FMC_EXIT_OK = 0;
int FMC_EXIT_RECOVERABLE_ERROR = 1;
int FMC_EXIT_NONRECOVERABLE_ERROR = 2;
// input parameters
Integer exitVersion = (Integer) exitParam.get("exitParameterListVersion");
Integer version = (Integer) exitParam.get("version");
Integer release = (Integer) exitParam.get("release");
Integer modLevel = (Integer) exitParam.get("modlevel");
byte[] credentials = (byte[]) exitParam.get("userCredentials");
String correlID = (String) exitParam.get("exitCorrelID");
Integer phase = (Integer) exitParam.get("phaseNumber");
String result = (String) exitParam.get("exitResult");
Integer reason = (Integer) exitParam.get("reasonCode");
String userName = (String) exitParam.get("userName");
String mqwfUserID = (String) exitParam.get("mqwfUserID");
// request processing
result = FMC_NEXT_PHASE; // FMC_LOGON_ACCEPTED, FMC_LOGON_DENIED, FMC_ERROR
reason = new Integer(0);
try {
String cred = new String(credentials);
int index = cred.indexOf(':');
if (-1 != index) {
userName = cred.substring(0, index);
String password = cred.substring(index+1, cred.length());
System.out.println("User ID: " + userName + " password: " + password);
mqwfUserID = userName;
result = FMC_LOGON_ACCEPTED;
} else {
result = FMC_LOGON_DENIED;
}
} catch (Exception e) {
System.out.println("Error:n" + e.toString());
result = FMC_ERROR;
}
int rc = 0; // FMC_EXIT_OK (-> 0), FMC_EXIT_RECOVERABLE_ERROR (-> 1), FMC_EXIT_NONRECOVERABLE_ERROR (-> 2)
// output parameters
exitParam.put("exitCorrelID", correlID);
exitParam.put("exitResult", result);
exitParam.put("reasonCode", reason);
exitParam.put("userName", userName);
exitParam.put("mqwfUserID", mqwfUserID);
exitParam.put("userCredentials", credentials);
return rc;
}
------------------------------------------------------------------------------
2. Package the class file to a jar file such as fmcauth.jar, ensure you package the proper folder in the jar file, that is, if you open the jar file, you should find file in such folder: comibmworkflowjavaexitAuthentication.class. And then put the jar file to system CLASSPATH environment variable. Please notice that maybe there are two CLASSPATH environment variables defined in Windows, one for all users and one for current user, if so, I suggest remove the CLASSPATH variable for all users and modify the CLASSPATH for current user to include the jar file you just created.
3. Issue command "fmczchk -c inst:m,RTAuthenticationExitTypeServer,JAVA -y FMC" to notify MQWF administration server to use java authentication mechanism.
4. Restart MQWF administration server, if neccessary, restart the computer instead.
5. Write the client code like the following
-------------------------------------------------------------------------------
String userid = "ADMIN";
String password = "password";
Agent agent = new Agent();
agent.setLocator(Agent.LOC_LOCATOR);
agent.setName("MQWFAGENT");
ExecutionService service = agent.locate("", "");
String credentials = userid + ":" + password;
byte[] cred = credentials.getBytes();
service.logon3(cred);
-------------------------------------------------------------------------------
And I am using MQWF 3.3.1 (MQSeries 5.2.1), Window 2000 Advanced Server.
GOOD LUCK!
[ This Message was edited by: JImmy on 2002-04-11 17:32 ]
[ This Message was edited by: JImmy on 2002-04-11 17:39 ] |
|
| Back to top |
|
|
| kriersd |
| Posted: Mon Aug 05, 2002 8:52 am Post subject: |
|
|
Master
Joined: 22 Jul 2002
Posts: 209
Location: IA, USA
|
One quick note to add!
Try running the fmcamain server by cmd prompt using the -c option. This will allow you to see the error messages. Login and see if the error messages show up on the screen. You may want to put some system.out messages just to make sure your actually getting to the exit code. It could be that you did not specify the command to enable the security exit correctly. The sytem does not check for syntax errors when you enable the security exit.
fmcamain -c -y <configID)
Good luck
Dave
_________________
Dave Krier
IBM WebSphere MQ Workflow V3.4 Solution Designer |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
