IBM MQ user access permission: put/get messages on a queue - authorization

How do I set MQ permissions for a windows user (username and password)
to be able to use a queue, so a java client can get and put messages ?
I already have a queue manager up and listening on (windows) port 1414 on locallost and a queue defined.

Related

EdgeX: Listen to IoT Messaging Bus from Redis Server

EdgeX uses Redis PubSub by default for its messaging bus (https://docs.edgexfoundry.org/2.3/microservices/application/Triggers/).
I have started the Redis server locally.
I have Core Data and/or Device Services running, which I believe is
also configured defaultly to use Redis Pub/Sub.
I have a Virtual Device Service that publishes data to the
edgex/events/# topic
(https://docs.edgexfoundry.org/2.3/microservices/device/virtual/Ch-VirtualDevice/).
Finally, I have configured my Application Service to subscribe to
the topic edgex/events/#, as shown in the example.
[Trigger.EdgexMessageBus]
Type = "redis" # message bus type (i.e "redis`, `mqtt` or `zero` for ZeroMQ)
[Trigger.EdgexMessageBus.SubscribeHost]
Host = "localhost"
Port = 6379
Protocol = "redis"
SubscribeTopics="edgex/events/#"
[Trigger.EdgexMessageBus.PublishHost]
Host = "localhost"
Port = 6379
Protocol = "redis"
PublishTopic="" # optional if publishing response back to the MessageBus
The Application Service is able to recieve all the messages sent to the topic.
However, when I go directly to the redis server (using redis-cli) and subscribe to SUBSCRIBE edgex/events/# or any other variant (edgex/events,edgex), nothing appears. Even checking PUBSUB CHANNELS shows that there are no active channels.
I am assuming that since EdgeX is using my localhost redis server (or any remote server, for that matter), that I'd be able to directly check with that redis server, subscribe to the topic that EdgeX is publishing to, and see the same messages.
Am I missing anything?
Thanks!
The EdgeX implementation is using PSUBSCRIBE with wildcards; the only command that will give you visibility is PUBSUB NUMPAT. You will need to identify the correct pattern for what you are trying to subscribe to AND have your subscriber running before anything is published as Redis PubSub is fire/forget.
Rather than going directly to Redis, I recommend using the EdgeX Application Services to subscribe and then either operate on the results directly or feed that to an external service.

RabbitMQ Multiple Consumers with Single connection Object

I have 35 queues in my application. I have created a single connection object and 35 unique channel to consume the data from the dedicated queue.
Some time (after running 6 hrs and 12 hrs), I'm not able to receive any messages from the RabbitMQ. In the rabbitMQ management portal the consumers are not available.
Exception in the RabbitMQ loggers:
closing AMQP connection <0.10985.3> (127.0.0.1:63478 ->
127.0.0.1:5672, vhost: '/', user: 'guest'): client unexpectedly closed TCP connection
Is this fine with one connection for the all the consumers? Or is something wrong?
I am using RabbitMQ 3.6.12 and amqp-client-5.5.0.jar for the Java client.

.net application send and receive directly to Remote Queue Manager

i'm trying to connect my VB.net application to Remote Queue Manager.
but keep getting the followig Erorr: MQRC_Q_MGR_NAME_ERROR. can anyone tell me what i'm doing wrong?
here is the code i'm using:
Dim mqQMgr As MQQueueManager = Nothing
Dim props As New Hashtable()
props.Add(MQC.HOST_NAME_PROPERTY, "192.168.28.191")
props.Add(MQC.CHANNEL_PROPERTY, "SYSTEM.ADMIN.SVRCONN")
props.Add(MQC.USER_ID_PROPERTY, "AQ")
props.Add(MQC.PORT_PROPERTY, 1313)
props.Add(MQC.TRANSPORT_PROPERTY, MQC.TRANSPORT_MQSERIES_BINDINGS)
mqQMgr = New MQQueueManager("QMSEPAM", props)
i also tried differentconnection method (MQC.TRANSPORT_MQSERIES_CLIENT) and i get the following error:
"MQRC_NOT_AUTHORIZED"
Thanks in advance.
You need to set MQC.TRANSPORT_PROPERTY property to MQC.TRANSPORT_MQSERIES_MANAGED or MQC.TRANSPORT_MQSERIES_CLIENT for connecting through TCP/IP socket to a queue manager that is running on a remote machine or on the same machine as your application . The MQC.TRANSPORT_MQSERIES_BINDINGS should be used only when the queue manager is running on the same machine as your application in which case your application would communicate with queue manager using shared memory.
The MQRC_NOT_AUTHORIZED (2035) is thrown if the user with which your application is attempting to connect to a remote queue manager does not have authority. There are multiple ways of providing access to queue manager, talk to your IBM MQ Administrator to provide you the required authority. Take a look at this link. BTW what version of MQ are you using?
Update: Two points
1) Is user AQ same as logged in user of the machine where the .NET application is running? MQ .NET v7.5 sends the logged in user id to queue manager for authorization unless you are using a security exit. If you are not using any security exit then the logged in user id must exist on remote machine and has authorizations to connect.
2) Do not add user to mqm as users in that group are blocked from connecting to queue manager by the Channel Authentication feature
There are couple of posts in SO that you can read:
WebSphere MQ v7.1 Security User Credentials
MQRC_NOT_AUTHORIZED error while connecting to Websphere MQ 7.1
Finally if you are just testing out your application and do not really need user id authorization, then you can disable channel authentication by running the below runmqsc command.
ALTER QMGR CHLAUTH (DISABLED)

Stomp ActiveMQ questions

I am new to Stomp ActiveMQ. I want to create a login from an android client and I don't know how to use ActiveMq. I\ve installed active mq, configured stomp and run the stompexample.
1. I have an error when running activemq from command line if I add in in the activemq.xml the following line:
<transportConnector name="stomp+nio" uri="stomp+nio://localhost:61612"/>
<transportConnector name="stomp+ssl" uri="stomp+ssl://localhost:61612"/>
Can someone please explain what is with tx1 and tx2? Is there a way to send on the queue a message to a specific client? how?
connection.connect("system", "manager");
connection.begin("tx1");
connection.send("/queue/test", "message1");
connection.send("/queue/test", "message2");
connection.commit("tx1");
connection.subscribe("/queue/test", Subscribe.AckModeValues.CLIENT);
connection.begin("tx2");
StompFrame message = connection.receive();
System.out.println(message.getBody());
connection.ack(message, "tx2");
message = connection.receive();
System.out.println(message.getBody());
connection.ack(message, "tx2");
connection.commit("tx2");
connection.disconnect();
Can someone please tell me how to create an application that sends on a queue a text containing username, password and receives an answer if the register was successful?
You need to configure the transport connectors with different port numbers, they can't both share port 61612. Your configure is create a Stomp NIO connector and a different Stomp SSL Connector.
You can't send messages to a distinct client, you just place them on a Queue and if there is a client subscribed it will get the message, that's the nature of Queue based messaging. The TX1 TX2 stuff is sending the messages within a transaction.
Recommend you take some time to read up of JMS Messaging, the Stomp spec and some other messaging based tutorials.

WCF MSMQ Message queue not being processed

I have setup a WCF service that i am running on IIS 7 that uses MSMQ message queueing, The messages are being put into the queue correctly on the server but the WCF service isn't processing them so the queue just builds up.
As #FelicePollano suggests, this may be a permissions problem. Here are specific items to check:
Make sure that account for the Net.Msmq Listener Adapter Windows service has these permissions to the queue that your service is using: receive message, peek message, send message, get properties, and get permissions. You have to go to Message Queuing node in Computer Manager control panel app to set/check these. By default, this is the Network Service account.
Make sure the account for service site AppPool also has permissions to the queue. The permission should be set to full control.
If these are not set up this way then make the changes, restart the AppPool and also restart the Net.Msmq Listener Adapter Windows service. If everything is working correctly the queue should automatically drain itself.
Check if the queue is visible from the service. Sometimes if you create a queue with the logged user the IIS worker process cannot acces it.