我是新来的IBM WebSphere MQ
。我正在运行它docker
容器。用户 'sampleuser
' and 'root
' 是 ' 的一部分mqm
' 容器内的组。我能够以“root”用户和“sampleuser”身份从主机访问 MQ(我也在主机中创建了“sampleuser”)。
我想启用匿名身份验证,以便无论客户端用户 ID 是什么,他们都应该能够访问 MQ。我虽然MCAUSER('sampleuser')
会为我做的。但这不起作用。我从 Eclipse IBM 资源管理器收到错误 AMQ4036(未授权)。请指教。
ALTER QMGR PSNPRES(SAFE)
ALTER QMGR PSMODE (ENABLED)
DEFINE CHANNEL(SYSTEM.ADMIN.SVRCONN) CHLTYPE(SVRCONN) MCAUSER('sampleuser') REPLACE
更新#1我更新了代码以允许特权用户。但还是失败了。
ALTER QMGR PSNPRES(SAFE)
ALTER QMGR PSMODE (ENABLED)
SET CHLAUTH(*) TYPE(BLOCKUSER) USERLIST('*NOACCESS')
DEFINE CHANNEL(SYSTEM.ADMIN.SVRCONN) CHLTYPE(SVRCONN) MCAUSER('sampleuser') REPLACE
这是我得到的日志。
EXPLANATION:
The user ID 'sampleuser' and its password were checked because the user ID is
privileged and the queue manager connection authority (CONNAUTH) configuration
refers to an authentication information (AUTHINFO) object named
'SYSTEM.DEFAULT.AUTHINFO.IDPWOS' with CHCKCLNT(REQDADM).
This message accompanies a previous error to clarify the reason for the user ID
and password check.
ACTION:
Refer to the previous error for more information.
Ensure that a password is specified by the client application and that the
password is correct for the user ID. The authentication configuration of the
queue manager connection determines the user ID repository. For example, the
local operating system user database or an LDAP server.
To avoid the authentication check, you can either use an unprivileged user ID
or amend the authentication configuration of the queue manager. You can amend
the CHCKCLNT attribute in the CHLAUTH record, but you should generally not
allow unauthenticated remote access.
更新#2基于 JohnMC 的回答和参考提供对 IBM WebSphere MQ 的匿名访问我终于成功了..:)
ALTER QMGR PSNPRES(SAFE)
ALTER QMGR PSMODE (ENABLED)
ALTER QMGR CHLAUTH(DISABLED)
SET CHLAUTH(*) TYPE(BLOCKUSER) USERLIST('*NOACCESS')
DEFINE CHANNEL(SYSTEM.ADMIN.SVRCONN) CHLTYPE(SVRCONN) MCAUSER('sampleuser') REPLACE
ALTER AUTHINFO(SYSTEM.DEFAULT.AUTHINFO.IDPWOS) AUTHTYPE(IDPWOS) CHCKCLNT(OPTIONAL)
REFRESH SECURITY TYPE(CONNAUTH)