[英]Websphere MQ v8 - MQRC_NOT_AUTHORIZED - 2035
I am testing WebSphere on local for development purposes and now i wanted to move to new PC.我正在本地测试 WebSphere 以用于开发目的,现在我想转移到新 PC。 But i dont remember exactly how i get rid of that error in title.但我不记得我是如何摆脱标题中的错误的。 I know there are tons of posts about this error since introduction MQ 7.1 how to disabled security.我知道自从引入 MQ 7.1 如何禁用安全性以来,有很多关于此错误的帖子。 I remember last time i did runmqsc.exe QM_name -> ALTER CHLAUTH(DISABLED).我记得上次我运行了 runmqsc.exe QM_name -> ALTER CLAAUTH(DISABLED)。 But its not working anymore?!但它不再工作了?! What else i need to change so anyone can connect to queue?我还需要更改什么才能让任何人都可以连接到队列?
> DIS QMGR CHLAUTH
> 2 : DIS QMGR CHLAUTH AMQ8408: Display Queue Manager details.
> QMNAME(QueueManager1) CHLAUTH(DISABLED)
Thanks.谢谢。
WebSphere MQ V7.1 introduced CHLAUTH rules which by default banned remote access by privileged users. WebSphere MQ V7.1 引入了 CHLAUTH 规则,默认情况下禁止特权用户进行远程访问。 To turn off CHLAUTH you are correct that you can issue要关闭 CHLAUTH,您是正确的,您可以发出
ALTER QMGR CHLAUTH(DISABLED)
However, you could also very simply allow yourself access on a particular channel as described in CHLAUTH - Allow some privileged admins .但是,您也可以非常简单地允许自己访问特定频道,如CHLAUTH - 允许某些特权管理员中所述。
IBM MQ V8 introduced Connection Authentication which default demands a password to authenticate a remote privileged user. IBM MQ V8 引入了连接身份验证,默认情况下需要密码来对远程特权用户进行身份验证。 To make this OPTIONAL (as it is for non-privileged users) you can issue要使此可选(对于非特权用户),您可以发出
ALTER AUTHINFO(SYSTEM.DEFAULT.AUTHINFO.IDPWOS) AUTHTYPE(IDPWOS)
CHCKCLNT(OPTIONAL)
rather than turning it off completely with而不是完全关闭它
ALTER QMGR CONNAUTH(' ')
After either of these commands you'll need to issue the following command for the queue manager to be aware of your changes.在执行这些命令中的任何一个之后,您需要发出以下命令以使队列管理器知道您的更改。
REFRESH SECURITY TYPE(CONNAUTH)
You mention that this is for development purposes which is fair enough, but remember to turn these features on so that you can make your queue manager secure when using it in production!您提到这是出于开发目的,这很公平,但请记住打开这些功能,以便在生产中使用队列管理器时可以确保它的安全!
Also, remember that the queue manager error log will provide you with details about why your application got the 2035, for example, "Channel is Blocked" for CHLAUTH and "Missing password" for CONNAUTH.此外,请记住,队列管理器错误日志将为您提供有关您的应用程序为何获得 2035 的详细信息,例如,CHLAUTH 的“Channel is Blocked”和 CONNAUTH 的“Missing password”。
Ok so i found it!好的,所以我找到了! ALTER CHLAUTH(DISABLED) is not enough, you have to remove Connection Authentification as well (QM properties -> Extended) ALTER CLAUTH(DISABLED) 是不够的,您还必须删除连接身份验证(QM 属性 -> 扩展)
you just need to execute the below你只需要执行下面的
ALTER QMGR CHLAUTH(DISABLED)
REFRESH SECURITY TYPE(CONNAUTH)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.