Skip to main content

WebSphere MQ 8.0 LDAP Authorization - Middleware News

LDAP Authorization

The V8.0.0 Connection Authentication feature which checked your user ID and password has been extended in V8.0.0.2 to allow LDAP authorization as well. The new fields that allow you to configure this on an AUTHTYPE(IDPWLDAP) Authentication Information object are protected by the 801 Command Level.
New Attribute MQSC name
See DEF AUTHINFO
Look for 		PCF constant and values
See Create Authentication Information
Look for
LDAP Auth Method
AUTHORMD
  • OS
  • SEARCHGRP
  • SEARCHUSR
MQIA_LDAP_AUTHORMD (263)
  • MQLDAP_AUTHORMD_OS (0)
  • MQLDAP_AUTHORMD_SEARCHGRP (1)
  • MQLDAP_AUTHORMD_SEARCHUSR (2)
LDAP Group Object Class CLASSGRP
MQCA_LDAP_GROUP_OBJECT_CLASS (2133)
  • String of length MQ_LDAP_CLASS_LENGTH (128)
LDAP Base DN Group BASEDNG
MQCA_LDAP_BASE_DN_GROUPS (2132)
  • String of length MQ_LDAP_BASE_DN_LENGTH (1024)
LDAP Group Attr Field GRPFIELD
MQCA_LDAP_GROUP_ATTR_FIELD (2134)
  • String of length MQ_LDAP_FIELD_LENGTH (128)
LDAP Find Group FINDGRP
MQCA_LDAP_FIND_GROUP_FIELD (2135)
  • String of length MQ_LDAP_FIELD_LENGTH (128)
LDAP Group Nesting
NESTGRP
  • NO
  • YES
MQIA_LDAP_NESTGRP (264)
  • MQLDAP_NESTGRP_NO (0)
  • MQLDAP_NESTGRP_YES (1)

Channel Status

Channels now show the security protocol in use – helping those people who were unsure how to answer the oft-asked question after the POODLE vulnerability, “are you still using an SSL CipherSpec?” Now instead of looking up your CipherSpec in the table in Knowledge Center, you can instead see this information output in the channel status display. Read more about this in Know your protocol.
New Attribute MQSC name PCF constant and values
Security Protocol
SECPROT
  • NONE
  • SSLV3
  • TLSV1
  • TLSV12
MQIACH_SECURITY_PROTOCOL (1645)
  • MQSECPROT_NONE (0)
  • MQSECPROT_SSLV30 (1)
  • MQSECPROT_TLSV10 (2)
  • MQSECPROT_TLSV12 (4)

AMQP Channel

In support of the MQLight in IBM MQ Beta, there is a whole new channel type with an associated set of channel attributes added. This is not yet documented in Knowledge Center but is visible when operating a queue manager at Command Level 801, and in the header files for PCF applications. Along with the Beta download that enables some of these attributes, there is a PDF of instructions on how to use the attributes available at the above link for the Beta. Be aware that although you can view and set all these attributes, not all of them are implemented by the current Beta. Get involved with the Beta program and read the PDF file mentioned above to see which attributes are currently usable.
New Attribute MQSC name PCF constant and values
Channel Type
CHLTYPE
  • AMQP
MQIACH_CHANNEL_TYPE (1511)
  • MQCHT_AMQP (11)
Description DESCR
MQCACH_DESC (3502)
  • String of length MQ_CHANNEL_DESC_LENGTH
Port PORT
MQIACH_PORT (1522)
  • Value in the range 1 – 65335
Local Address LOCLADDR
MQCACH_LOCAL_ADDRESS (3520)
  • String of length MQ_LOCAL_ADDRESS_LENGTH
SSL/TLS Certificate Label CERTLABL
MQCA_CERT_LABEL (2121)
  • String of length MQ_CERT_LABEL_LENGTH
SSL/TLS Cipher Spec SSLCIPH
MQCACH_SSL_CIPHER_SPEC (3544)
  • String of length MQ_SSL_CIPHER_SPEC_LENGTH
SSL/TLS Client Auth SSLCAUTH
MQIACH_SSL_CLIENT_AUTH (1568)
  • String of length MQ_SSL_CIPHER_SPEC_LENGTH
SSL/TLS Peer Name SSLPEER
MQCACH_SSL_PEER_NAME (3545)
  • String of length MQ_SSL_PEER_NAME_LENGTH
Alteration Date ALTDATE
MQCA_ALTERATION_DATE (2027)
  • String of length MQ_DATE_LENGTH
Alteration Time ALTTIME
MQCA_ALTERATION_TIME (2028)
  • String of length MQ_TIME_LENGTH
AMQP Keep Alive AMQPKA
MQIACH_AMQP_KEEP_ALIVE (1644)
  • Values in the range 0 – 99 999
  • MQKAI_AUTO
Use Client Identifier
USECLTID
  • YES
  • NO
MQIACH_USE_CLIENT_ID (1629)
  • MQUCI_YES (1)
  • MQUCI_NO (0)
Max Message Length MAXMSGL
MQIACH_MAX_MSG_LENGTH (1510)
  • Values in the range 0 – 100MB
MCA UserId MCAUSER
MQCACH_MCA_USER_ID (3527)
  • String of length MQ_MCA_USER_ID_LENGTH
Max Instances MAXINST
MQIACH_MAX_INSTANCES (1618)
  • Values in the range 0 – 999 999 999

Display Connection

With the introduction of the AMQP channel in CommandLevel 801, there is also a new attribute returned when you display application connections.
New Attribute MQSC name PCF constant and values
AMQP Client ID CLIENTID
MQCACF_AMQP_CLIENT_ID (3207)
  • String of length MQ_AMQP_CLIENT_ID_LENGTH (256)
Labels:

Comments

Post a Comment

adsrerrapop

Popular posts from this blog

IBM Websphere MQ interview Questions Part 5

MQ Series: - It is an IBM web sphere product which is evolved in 1990’s. MQ series does transportation from one point to other. It is an EAI tool (Middle ware) VERSIONS:-5.0, 5.1, 5.3, 6.0, 7.0(new version). The currently using version is 6.2 Note: – MQ series supports more than 35+ operating systems. It is platform Independent. For every OS we have different MQ series software’s. But the functionality of MQ series Default path for installing MQ series is:- C: programfiles\BM\clipse\SDK30 C: programfiles\IBM\WebsphereMQ After installation it will create a group and user. Some middleware technologies are Tibco, SAP XI. MQ series deals with two things, they are OBJECTS, SERVICES. In OBJECTS we have • QUEUES • CHANNELS • PROCESS • AUTHENTICATION • QUERY MANAGER. In SERVICES we have LISTENERS. Objects: – objects are used to handle the transactions with the help of services. QUEUE MANAGER maintains all the objects and services. QUEUE: – it is a database structure
137 comments
Read more

IBM Websphere MQ Reason code list / mq reason codes / websphere mq error codes / mq error messages

Reason code list ================= The following is a list of reason codes, in numeric order, providing detailed information to help you understand them, including: * An explanation of the circumstances that have caused the code to be raised * The associated completion code * Suggested programmer actions in response to the code * 0 (0000) (RC0): MQRC_NONE * 900 (0384) (RC900): MQRC_APPL_FIRST * 999 (03E7) (RC999): MQRC_APPL_LAST * 2001 (07D1) (RC2001): MQRC_ALIAS_BASE_Q_TYPE_ERROR * 2002 (07D2) (RC2002): MQRC_ALREADY_CONNECTED * 2003 (07D3) (RC2003): MQRC_BACKED_OUT * 2004 (07D4) (RC2004): MQRC_BUFFER_ERROR * 2005 (07D5) (RC2005): MQRC_BUFFER_LENGTH_ERROR * 2006 (07D6) (RC2006): MQRC_CHAR_ATTR_LENGTH_ERROR * 2007 (07D7) (RC2007): MQRC_CHAR_ATTRS_ERROR * 2008 (07D8) (RC2008): MQRC_CHAR_ATTRS_TOO_SHORT * 2009 (07D9) (RC2009): MQRC_CONNECTION_BROKEN * 2010 (07DA) (RC2010): MQRC_DATA_LENGTH_ERROR * 2011 (07DB) (RC2011): MQRC_DYNAMIC_Q_NAME_ERROR * 2012 (07DC) (RC201
2 comments
Read more

IBM WebSphere MQ – Common install/uninstall issues for MQ Version on Windows - Middleware News

Creating a log file when you install or uninstall WebSphere MQ WebSphere MQ for Windows is installed using the Microsoft Installer (MSI). If you install the MQ server or client through launchpad , MQPARMS or setup.exe , then a log file is automatically generated in %temp% during installation. Alternatively you can supply parameters on the installation MSI command msiexec to generate a log file, or enable MSI logging system-wide (which generates MSI logs for all install and uninstall operations). If you uninstall through the Windows Add/Remove programs option, no log file is generated. You should either uninstall from the MSI command line and supply parameters to generate a log file, or enable MSI logging system-wide (which generates MSI logs for all install and uninstall operations). For details on how to enable MSI logging, see the following article in the WebSphere MQ product documentation: Advanced installation using msiexec For details on how to enable system-w
Post a Comment
Read more