Problem Description As I mentioned in one the previous posts: MQCSP structures, containing the user ID and password of the user being authenticated, are sent in the clear across the network, if you’re not using TLS to encrypt your traffic. For example, if you setup LDAP for authentication (as described in the previous post), start […]
Posts Tagged ‘#mqauthentication’
ChlauthEarlyAdopt and AdoptContext rules behavior in MQ v9.1+
August 8, 2019. Due to a security vulnerability, IBM changed the order of operations when authenticating users in v9.1. This is important if you setup your security on a prior version and then migrate to v9.1. Your security rules might stop working as you intended. In this post, we will talk about “channel early adoption” […]
How to configure IBM MQ authentication: OS and LDAP
IBM MQ user authentication An IBM MQ queue manager can be configured to authenticate connecting users. But it does not keep a list of users or their passwords. That is the functionality that MQ leaves to external resources. There are two options you can choose from: Authenticate using the operating system Authenticate using a Lightweight […]