| Author |
Message
|
| rickwatsonb |
 Posted: Tue Mar 08, 2011 5:56 am Post subject: AUTHOREV Enabled – Reason Code |
 |
|
Voyager
Joined: 15 Aug 2006
Posts: 87
Location: USA: Mid-West
|
Hi,
We will be testing OAM authorities in experimental soon on UNIX with MQ V6.0.2.6. As suggested previously in this forum, I plan to start with granting limited authorities. Thus, I will need to be able to see the events associated with failed application requests.
I have enabled AUTHOREV and recycled the queue manager and am now trying to test the feedback from unauthorized events. When I put a message to a read-only queue via MQ Explorer events are written to the SYSTEM.ADMIN.QMGR.EVENT queue. The problem is that I do not see any mention of reason codes.
For example, trying to put a message to a read-only queue generates a AMQ4036 pop-up via MQ Explorer. I viewed the messages in the queue manager event queue by running “/opt/mqm/samp/bin/amqsbcg SYSTEM.ADMIN.QMGR.EVENT QMGR.TEST5” but I do not see reason code AMQ4036 in the event message.
Questions: What do I need to do to be able to see the reason codes in the event messages? Or, why are the reason codes not being written to the event message?
Message relative to 4036 attempt:
MQGET of message number 17
****Message descriptor****
StrucId : 'MD ' Version : 2
Report : 0 MsgType : 8
Expiry : -1 Feedback : 0
Encoding : 273 CodedCharSetId : 819
Format : 'MQEVENT '
Priority : 0 Persistence : 0
MsgId : X'414D5120514D47522E544553543520204D754D2D20000E32'
CorrelId : X'000000000000000000000000000000000000000000000000'
BackoutCount : 0
ReplyToQ : ' '
ReplyToQMgr : 'QMGR.TEST5 '
** Identity Context
UserIdentifier : ' '
AccountingToken :
X'0000000000000000000000000000000000000000000000000000000000000000'
ApplIdentityData : ' '
** Origin Context
PutApplType : '7'
PutApplName : 'QMGR.TEST5 '
PutDate : '20110308' PutTime : '13442641'
ApplOriginData : ' '
GroupId : X'000000000000000000000000000000000000000000000000'
MsgSeqNumber : '1'
Offset : '0'
MsgFlags : '0'
OriginalLength : '-1'
**** Message ****
length - 168 bytes
00000000: 0000 0007 0000 0024 0000 0001 0000 002C '.......$.......,'
00000010: 0000 0001 0000 0001 0000 0001 0000 07F3 '................'
00000020: 0000 0004 0000 0004 0000 0044 0000 07DF '...........D....'
00000030: 0000 0000 0000 0030 514D 4752 2E54 4553 '.......0QMGR.TES'
00000040: 5435 2020 2020 2020 2020 2020 2020 2020 'T5 '
00000050: 2020 2020 2020 2020 2020 2020 2020 2020 ' '
00000060: 2020 2020 2020 2020 0000 0003 0000 0010 ' ........'
00000070: 0000 03FC 0000 0004 0000 0003 0000 0010 '................'
00000080: 0000 03FD 0000 000D 0000 0004 0000 0020 '............... '
00000090: 0000 0BD1 0000 0000 0000 000C 6D71 6276 '............mqbv'
000000A0: 6965 7720 2020 2020 'iew '
Thank you for your help. |
|
| Back to top |
|
 |
| bruce2359 |
| Posted: Tue Mar 08, 2011 6:39 am Post subject: |
|
|
Poobah
Joined: 05 Jan 2008
Posts: 9399
Location: US: west coast, almost. Otherwise, enroute.
|
| Quote: |
00000000: 0000 0007 0000 0024 0000 0001 0000 002C '.......$.......,'
00000010: 0000 0001 0000 0001 0000 0001 0000 07F3 '................'
00000020: 0000 0004 0000 0004 0000 0044 0000 07DF '...........D....'
00000030: 0000 0000 0000 0030 514D 4752 2E54 4553 '.......0QMGR.TES'
00000040: 5435 2020 2020 2020 2020 2020 2020 2020 'T5 '
00000050: 2020 2020 2020 2020 2020 2020 2020 2020 ' '
00000060: 2020 2020 2020 2020 0000 0003 0000 0010 ' ........'
00000070: 0000 03FC 0000 0004 0000 0003 0000 0010 '................'
00000080: 0000 03FD 0000 000D 0000 0004 0000 0020 '............... '
00000090: 0000 0BD1 0000 0000 0000 000C 6D71 6276 '............mqbv'
000000A0: 6965 7720 2020 2020 'iew ' |
IMS, the format of the auth event message is documented... in the APR manual.
07f3 (hex) == 2035(dec). 2035 MQRC_NOT_AUTHORIZED.
_________________
I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Tue Mar 08, 2011 6:42 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
You won't see the plain text 'AMQ4036' in the event message.
Among other things, it's not a REASON CODE. It's an AMQ message. not the same thing.
As bruce2359 says, look at the documented structure for the various Not Authorized event messages.
Also look at something like MH05. |
|
| Back to top |
|
|
| exerk |
| Posted: Tue Mar 08, 2011 6:54 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
| mqjeff wrote: |
| ...Also look at something like MH05... |
Only V7.0
| rickwatsonb wrote: |
| ...We will be testing OAM authorities in experimental soon on UNIX with MQ V6.0.2.6... |
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| bruce2359 |
| Posted: Tue Mar 08, 2011 7:00 am Post subject: Re: AUTHOREV Enabled – Reason Code |
|
|
Poobah
Joined: 05 Jan 2008
Posts: 9399
Location: US: west coast, almost. Otherwise, enroute.
|
| rickwatsonb wrote: |
| but I do not see reason code AMQ4036 in the event message. |
Because AMQ4036 is NOT a ReasonCode; rather, it is an error message.
Before your next post, please do a bit of research on your own. There is an error messages manual available for download from IBM. A quick search for AMQ4036 on Google would have helped you identify the authorization problem on your own.
_________________
I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Tue Mar 08, 2011 8:40 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| exerk wrote: |
| mqjeff wrote: |
| ...Also look at something like MH05... |
Only V7.0
| rickwatsonb wrote: |
| ...We will be testing OAM authorities in experimental soon on UNIX with MQ V6.0.2.6... |
|
MO01 then.
Or a few other supportPacs. |
|
| Back to top |
|
|
| rickwatsonb |
| Posted: Tue Mar 08, 2011 11:06 am Post subject: |
|
|
Voyager
Joined: 15 Aug 2006
Posts: 87
Location: USA: Mid-West
|
Thank you all for your replys.
From the readme.txt file for MH05 it looks like it works with MQ V6.
| Quote: |
SupportPac MH05 v1.0 - IBM(R) WebSphere(R) MQ Events Display Tool
The IBM WebSphere MQ Events Display Tool SupportPac provides a simple but yet
powerful command line tool (Xmqdspev) to display WebSphere MQ events
that are generated on the SYSTEM.ADMIN.*.EVENT event queues.
NAME
Xmqdspev - Display IBM WebSphere MQ Events
VERSION
1.0 (Java(TM))
PRE-REQS
IBM WebSphere MQ V6 or IBM WebSphere MQ V7
If used with IBM WebSphere MQ V6 it requires jar file com.ibm.mq.pcf-6.1.jar
shipped with SupportPac MS0B - IBM WebSphere MQ Java classes for PCF.
...
|
mqjeff wrote:
| Quote: |
Among other things, it's not a REASON CODE. It's an AMQ message. not the same thing.
As bruce2359 says, look at the documented structure for the various Not Authorized event messages.
|
I should have written that I was looking for the reason code in the event message that was relative to the MQ Explorer message.
I also did look at the documented structure for the event messages - but I missed the part where it explained that the reason code would be listed in hex. I did not understand that
| Quote: |
MQRC_NOT_AUTHORIZED (2035, X'7F3').
|
meant that it would be displayed in hex.
It is also difficult to know that a support pac is needed to read the important event message stuff if is not stated in the same content as the event message description (or some where else). Or, maybe I am just missing seeing that detail also.
Thanks for your input. |
|
| Back to top |
|
|
| zpat |
| Posted: Tue Mar 08, 2011 11:14 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5849
Location: UK
|
| Browse the event queue with MO71, it will format the event message. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Tue Mar 08, 2011 11:15 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
It is somewhat hard to understand at first glance that event messages will not be human readable.
But no PCF message is intended to be human readable, they are only and exactly intended to be processed by programs.
You don't necessarily need a supportPac to make them human readable, but you do need software of some kind - even if it is just software in your brain that reads the fields of the PCF message and interprets the hex values produced from amqsbcg into binary values that match those fields. |
|
| Back to top |
|
|
| exerk |
| Posted: Tue Mar 08, 2011 11:24 am Post subject: |
|
|
Jedi Council
Joined: 02 Nov 2006
Posts: 6339
|
| Quote: |
SupportPac MH05 v1.0 - IBM(R) WebSphere(R) MQ Events Display Tool
The IBM WebSphere MQ Events Display Tool SupportPac provides a simple but yet
powerful command line tool (Xmqdspev) to display WebSphere MQ events
that are generated on the SYSTEM.ADMIN.*.EVENT event queues.
NAME
Xmqdspev - Display IBM WebSphere MQ Events
VERSION
1.0 (Java(TM))
PRE-REQS
IBM WebSphere MQ V6 or IBM WebSphere MQ V7
If used with IBM WebSphere MQ V6 it requires jar file com.ibm.mq.pcf-6.1.jar
shipped with SupportPac MS0B - IBM WebSphere MQ Java classes for PCF.
...
|
That'll learn me to actually look inside the SupportPac before shooting fromthe lip 
_________________
It's puzzling, I don't think I've ever seen anything quite like this before...and it's hard to soar like an eagle when you're surrounded by turkeys. |
|
| Back to top |
|
|
| rickwatsonb |
| Posted: Tue Mar 08, 2011 1:51 pm Post subject: |
|
|
Voyager
Joined: 15 Aug 2006
Posts: 87
Location: USA: Mid-West
|
Thank you all for your replys.
zpat - I am trying to get MO71 working. I read parts of the MO71 pdf and at first I was thinking it would connect to a remote queue manager with similar attributes as that given for MQ Explorer. But, there is no mention of a port, or IP/server name. So, my thinking must be wrong [img]  [/img]...will try again tomorrow.
exerk - np
mqjeff - Thanks for providing the extra detail. I am not sure where to find the info stating that the "Not Authorized (type 1,2,3,4)" output PCF commands in the message data but I do appreciate you sharing it!
BTW - is that why the message data shows up as just a $ in MQ Explorer for the queue manager event queue?
If only there were "cheat sheets" available that summarized all the detail for some of the common topics.[img]  [/img] |
|
| Back to top |
|
|
| bruce2359 |
| Posted: Tue Mar 08, 2011 2:00 pm Post subject: |
|
|
Poobah
Joined: 05 Jan 2008
Posts: 9399
Location: US: west coast, almost. Otherwise, enroute.
|
| Quote: |
| BTW - is that why the message data shows up as just a $ in MQ Explorer for the queue manager event queue? |
A $? Not sure what you are saying here. You already posted the contents of the auth message.
_________________
I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live. |
|
| Back to top |
|
|
| rickwatsonb |
| Posted: Tue Mar 08, 2011 2:17 pm Post subject: |
|
|
Voyager
Joined: 15 Aug 2006
Posts: 87
Location: USA: Mid-West
|
bruce2359 wrote:
| Quote: |
A $? Not sure what you are saying here. You already posted the contents of the auth message.
|
On the unix server I ran (as mqm uid) “/opt/mqm/samp/bin/amqsbcg SYSTEM.ADMIN.QMGR.EVENT QMGR.TEST5” to produce the output given in the initial post.
When I view the SYSTEM.ADMIN.QMGR.EVENT queue via MQ Explorer all I see is "$" for the message data.
Is this expected? Or, should I see what the amqsbcg script produced?
Thanks for your help. |
|
| Back to top |
|
|
| bruce2359 |
| Posted: Tue Mar 08, 2011 2:43 pm Post subject: |
|
|
Poobah
Joined: 05 Jan 2008
Posts: 9399
Location: US: west coast, almost. Otherwise, enroute.
|
| Quote: |
| Is this expected? Or, should I see what the amqsbcg script produced? |
No. Yes.
_________________
I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live. |
|
| Back to top |
|
|
| skoobee |
| Posted: Tue Mar 08, 2011 11:14 pm Post subject: |
|
|
Acolyte
Joined: 26 Nov 2010
Posts: 52
|
The PCF msg is an authority event type 4. The fields in the event are:
[quote]
MQCFH 1
--------
Offset: 0 x0
Type: 7 MQCFT_EVENT
StrucLength: 36 x24
Version: 1
Command: 44 x2C MQCMD_Q_MGR_EVENT
MsgSeqNumber: 1
Control: 1
CompCode: 1
Reason: 2035 x7F3 MQRC_NOT_AUTHORIZED
ParameterCount: 4
MQCFT_STRING
------------
Parameter Nr: 1
Offset: 36 x24
Type: 4
StrucLength: 68 x44
Parameter: 2015 x7DF MQCA_Q_MGR_NAME
CodedCharSetId: 0 x0
StringLength: 48 x30
String: <QMGR.TEST5 >
Hex: <514D47522E54455354352020202020202020202020202020202020202020202020202020202020202020202020202020>
MQCFT_INTEGER
-------------
Parameter Nr: 2
Offset: 104 x68
Type: 3
StrucLength: 16 x10
Parameter: 1020 x3FC MQIACF_REASON_QUALIFIER
Value: 4 x4
MQCFT_INTEGER
-------------
Parameter Nr: 3
Offset: 120 x78
Type: 3
StrucLength: 16 x10
Parameter: 1021 x3FD MQIACF_COMMAND
Value: 13 xD MQCMD_INQUIRE_Q
MQCFT_STRING
------------
Parameter Nr: 4
Offset: 136 x88
Type: 4
StrucLength: 32 x20
Parameter: 3025 xBD1 MQCACF_USER_IDENTIFIER
CodedCharSetId: 0 x0
StringLength: 12 xC
String: <mqbview >
Hex: <6D7162766965772020202020>
[/quote] |
|
| Back to top |
|
|
|
|
