| Author |
Message
|
| EAI Developer |
 Posted: Wed Nov 09, 2011 1:34 pm Post subject: sftp using FileInput Node |
 |
|
Centurion
Joined: 30 Nov 2005
Posts: 101
Location: US
|
Hi All,
I am facing issue while using FileInput node to do sftp call to one of the external server.
I am running the below command :
mqsisetdbparms SDME22QABK -n sftp::FREEDOM -u vwnet -p xxxxxx.
Error Message :
File node 'SFTP-Input' in message flow 'sftp_msg_flow'. The remote user identifier supplied as 'FREEDOM' is invalid.
Broker is on Solaris machine. Toolkit is on Windows XP. the external server is an UNIX machine. When I do the same sftp from the SSH using same credentials , it is working fine, though I feel broker is not even trying to connect, in my case.
Please help. Thanks !
_________________
___________________
Regards,
EAI Developer. |
|
| Back to top |
|
 |
| lancelotlinc |
| Posted: Wed Nov 09, 2011 2:59 pm Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
Refer to MustGather docs to turn on trace for the node. That will tell you the exact cause of the problem.
_________________
http://leanpub.com/IIB_Tips_and_Tricks
Save $20: Coupon Code: MQSERIES_READER |
|
| Back to top |
|
|
| fjb_saper |
| Posted: Wed Nov 09, 2011 9:38 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
| Quote: |
| File node 'SFTP-Input' in message flow 'sftp_msg_flow'. The remote user identifier supplied as 'FREEDOM' is invalid. |
I thought this was specific enough. Verify the user name and remember that case matters.
Check your template. I understand the sftp service is supposed to be named FREEDOM. For whatever reason the broker thinks this is the username...
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| zpat |
| Posted: Thu Nov 10, 2011 12:32 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
Better not to use fixed, unexpirying passwords (security 101!). Or even worse have to update wmb when the sftp fails because someone changed it.
Use ssh keys instead. First generate them for the broker id (using ssh-keygen) then supply the broker id's public key (.ssh/id_rsa.pub) to the sftp server (to manually add it to their .ssh/authorized_keys file as a one time task).
Then set up the setdbparms to reference the brokers private key file.
| Code: |
| mqsisetdbparms SDME22QABK -n sftp::FREEDOM -u vwnet -i /home/SDME22QABK/.ssh/id_rsa |
As if by magic - no passwords needed ever again.
In this example FREEDOM would be the configurable service name. The userid used to access it is vwnet. The password is not required due to using PKI.
The configurable service would be something like this
| Code: |
| mqsicreateconfigurableservice SDME22QABK -c FtpServer -o FREEDOM -n serverName,protocol,securityIdentity,remoteDirectory -v dnsname.com,SFTP,vwnet,/xxx/files |
Where dnsname.com is the DSN name or IP address of the sftp server. See the infocenter for the other parameters.
The file node would then reference the configurable service name. NOT the sftp server directly.
Better not to code host names into flows, not even as UDPs - use configurable service definitions. |
|
| Back to top |
|
|
| EAI Developer |
| Posted: Thu Nov 10, 2011 2:07 pm Post subject: |
|
|
Centurion
Joined: 30 Nov 2005
Posts: 101
Location: US
|
@ lancelotlinc : I am getting the below error in Event log, immediately after restarting the broker. So, not sure trace will give any help.
@ fjb_saper : I was thinking "remote user identifier" and "Security Identity" are one and the same.
mqsireportproperties log :
accountInfo=''
cipher=''
compression=''
connectionType=''
knownHostsFile=''
mac=''
protocol=''
remoteDirectory=''
scanDelay=''
securityIdentity='FREEDOM'
serverName='xfr.motive.com:22'
strictHostKeyChecking=''
timeoutSec=''
transferMode=''
@ zpat : Agree. I will propose the same thing to external vendor. Hope they will agree for it.
Raised PMR, waiting for IBM to respond. Also, have backup plan ( java code for sftp ), which I want to avoid.
_________________
___________________
Regards,
EAI Developer. |
|
| Back to top |
|
|
| EAI Developer |
| Posted: Mon Nov 14, 2011 12:56 pm Post subject: |
|
|
Centurion
Joined: 30 Nov 2005
Posts: 101
Location: US
|
Hi,
The issue is resolved now. It is something to do with old server info struct in the broker. Now, I am able to sftp the server to get the files.
Now, the issue is we are handling .gz (gun zip) files. I can able to poll the files and read them as BLOB into java compute node. I have the code to unzip the file taking the inputstream as input.
But, for reason , I could not cast the incoming blob to inputstream or byte array. Please help.
byte[] dataByteArray = (byte[])inMessage.getRootElement().getLastChild().getFirstChild().getValue();
_________________
___________________
Regards,
EAI Developer. |
|
| Back to top |
|
|
| lancelotlinc |
| Posted: Mon Nov 14, 2011 1:10 pm Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
Try getBuffer() rather than getValue(). Also make sure your get...child statements point to the desired tree branch.
_________________
http://leanpub.com/IIB_Tips_and_Tricks
Save $20: Coupon Code: MQSERIES_READER |
|
| Back to top |
|
|
| EAI Developer |
| Posted: Mon Nov 14, 2011 1:57 pm Post subject: |
|
|
Centurion
Joined: 30 Nov 2005
Posts: 101
Location: US
|
Hi,
Thanks , it worked and yes, I was suppose to access "getLastChild().getValue()" in my previous post.
_________________
___________________
Regards,
EAI Developer. |
|
| Back to top |
|
|
| northlander |
| Posted: Fri Feb 03, 2012 4:50 am Post subject: |
|
|
Newbie
Joined: 03 Feb 2012
Posts: 1
|
Did you get a patch or is this fixed in 7.0.0.3??
Did you take any other step to solve the issue with invalid security id?
| EAI Developer wrote: |
Hi,
The issue is resolved now. It is something to do with old server info struct in the broker. Now, I am able to sftp the server to get the files.
Now, the issue is we are handling .gz (gun zip) files. I can able to poll the files and read them as BLOB into java compute node. I have the code to unzip the file taking the inputstream as input.
But, for reason , I could not cast the incoming blob to inputstream or byte array. Please help.
byte[] dataByteArray = (byte[])inMessage.getRootElement().getLastChild().getFirstChild().getValue(); |
|
|
| Back to top |
|
|
|
|
