Skip to main content

Posts

Showing posts from September, 2014

MQCSP Password Protection in IBM Websphere MQ V8 - Middleware News

The MQCSP structure enables the authorization service to authenticate a user ID and password from the client. We can specify the MQCSP connection security parameters structure on an MQCONNX call. Prior to Websphere MQ version 8 the passwords from client to the queue manager were sent across the network in plain text if SSL/TLS encryption is not used which is insecure. MQ version 8 provides options to send passwords that are included in the MQCSP structure protected by using websphere MQ functionality or by using SSL/TLS encryption. This password protection mechanism is applicable to MQ version 8 queue managers, MQI C clients, java & JMS clients and .NET clients. Password protection is used when all of the following conditions are met: -Both ends of the connection are using WebSphere MQ version 8.0. -The channel is not using SSL/TLS encryption. -If the client is WebSphere MQ Explorer and user identification compatibility mode is not enabled, which is not the default

IBM Websphere MQ Securing cluster queues from unauthorized applications - Middleware News

Each cluster environment is different, and so it follows that each cluster has to be secured in different way. For example, a bank sector's IBM MQ environment might have one or more queue managers for each of its branch offices. Since the same kinds of transactions occur in those branch offices, all branch office queue managers can be clustered to access the applications running in the central office. In this kind of environment, all the cluster queue mangers are designed for the same purpose and belong to the same company. Therefore, the cluster queue managers can trust each other. Once the application transaction enters into the cluster through any of the cluster queue managers, MQ might not need to re-check the authorization in each level. So it becomes necessary to perform access control before the transaction enters in

New IBM WebSphere MQ 7.1, 7.5 and 8.0 attributes in DISPLAY QMGR for new or migrated queue managers - Middleware News

WebSphere MQ 7.1, 7.5 and 8.0 introduce new features and some of them are represented as new attributes to the QMGR object in runmqsc, which can be shown via the command DISPLAY QMGR. a) These attributes are common to new queue managers created in MQ 7.1, 7.5 and 8.0, or to migrated queue managers created in previous versions and then upgraded to MQ 7.1, 7.5 and 8.0: ACTVCONO(DISABLED) < - New in 7.1 ACTVTRC(OFF)   < - New in 7.1 CERTLABL('ibmwebspheremqqm_X')             < - - - New in 8.0 CERTVPOL(ANY)   < - New in 7.1 CHLAUTH()          < - New in 7.1 feature is DISABLED for migrated Queue Mgr But it is ENABLED for new Queue Managers CONNAUTH('SYSTEM.DEFAULT.AUTHINFO.IDPWOS') < - - - New in 8.0 CUSTOM( )          < - New in 7.1 DEFCLXQ(SCTQ)             < - - New in 7.5 PSCLUS(ENABLED)    < - New in 7.1 SPLCAP(DISABLED)          < - - New in 7.5 SUITEB(NONE)       < - New in 7.1 VERSION()          < - New in

adsrerrapop