java Websphere MQ v8 - MQRC_NOT_AUTHORIZED - 2035
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/25911557/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Websphere MQ v8 - MQRC_NOT_AUTHORIZED - 2035
提问by JIV
I am testing WebSphere on local for development purposes and now i wanted to move to new PC. But i dont remember exactly how i get rid of that error in title. I know there are tons of posts about this error since introduction MQ 7.1 how to disabled security. I remember last time i did runmqsc.exe QM_name -> ALTER CHLAUTH(DISABLED). But its not working anymore?! What else i need to change so anyone can connect to queue?
我正在本地测试 WebSphere 以用于开发目的,现在我想转移到新 PC。但我不记得我是如何摆脱标题中的错误的。我知道自从引入 MQ 7.1 如何禁用安全性以来,有很多关于此错误的帖子。我记得上次我运行了 runmqsc.exe QM_name -> ALTER CLAUTH(DISABLED)。但它不再工作了?!我还需要更改什么才能让任何人都可以连接到队列?
> DIS QMGR CHLAUTH
> 2 : DIS QMGR CHLAUTH AMQ8408: Display Queue Manager details.
> QMNAME(QueueManager1) CHLAUTH(DISABLED)
Thanks.
谢谢。
回答by Morag Hughson
WebSphere MQ V7.1 introduced CHLAUTH rules which by default banned remote access by privileged users. To turn off CHLAUTH you are correct that you can issue
WebSphere MQ V7.1 引入了 CHLAUTH 规则,默认情况下禁止特权用户进行远程访问。要关闭 CHLAUTH,您是正确的,您可以发出
ALTER QMGR CHLAUTH(DISABLED)
However, you could also very simply allow yourself access on a particular channel as described in CHLAUTH - Allow some privileged admins.
但是,您也可以非常简单地允许自己访问特定频道,如CHLAUTH - 允许某些特权管理员中所述。
IBM MQ V8 introduced Connection Authentication which default demands a password to authenticate a remote privileged user. To make this OPTIONAL (as it is for non-privileged users) you can issue
IBM MQ V8 引入了连接身份验证,默认情况下需要密码来对远程特权用户进行身份验证。要使此 OPTIONAL(对于非特权用户而言),您可以发出
ALTER AUTHINFO(SYSTEM.DEFAULT.AUTHINFO.IDPWOS) AUTHTYPE(IDPWOS)
CHCKCLNT(OPTIONAL)
rather than turning it off completely with
而不是完全关闭它
ALTER QMGR CONNAUTH(' ')
After either of these commands you'll need to issue the following command for the queue manager to be aware of your changes.
在执行这些命令中的任何一个之后,您需要发出以下命令以使队列管理器知道您的更改。
REFRESH SECURITY TYPE(CONNAUTH)
You mention that this is for development purposes which is fair enough, but remember to turn these features on so that you can make your queue manager secure when using it in production!
您提到这是出于开发目的,这很公平,但请记住打开这些功能,以便在生产中使用队列管理器时可以确保它的安全!
Also, remember that the queue manager error log will provide you with details about why your application got the 2035, for example, "Channel is Blocked" for CHLAUTH and "Missing password" for CONNAUTH.
另外,请记住,队列管理器错误日志将为您提供有关您的应用程序为何获得 2035 的详细信息,例如,CHLAUTH 的“Channel is Blocked”和 CONNAUTH 的“Missing password”。
回答by JIV
Ok so i found it! ALTER CHLAUTH(DISABLED) is not enough, you have to remove Connection Authentification as well (QM properties -> Extended)
好的,所以我找到了!ALTER CLAUTH(DISABLED) 是不够的,您还必须删除连接身份验证(QM 属性 -> 扩展)
