Open leondelange123 opened 4 months ago
ibmmqmet
commented
4 months ago Why are you using MQSERVER environment variable? The README shows how you point at the CCDT where the CLNTCONN is defined to use the exit. The error message reads like that you've actually set the exit on the SVRCONN end
leondelange123
commented
3 months ago Hi Mark,
Thanks for the reply as always.
So yes I noticed that this is for client connections which I missed the first time round. I got most of it going now with the client connection thanks.
Tell me what’s the plan to have this exit include in MQ code or perhaps the exit just on a channel. I’m asking since most of our channels don’t use a CCDT tables or client connections. We not there yet 😊
Our issue started when our company started using minimum password length of 14 chars which is an issue for MQ I believe so we had to disable LDAP checking.
I was hoping the token would be the way out for us I have to say 😃
ibmmqmet
commented
3 months ago I cannot comment on any future plans here.
If you don't want to use CCDTs, then you can - of course - rework you applications to essentially embed the same logic. Some samples for other languages already do that. But the CCDT (or app programming) is needed for any TLS communication to the qmgr as you can't do that entirely with environment variables.
And there's no restriction on password lengths provided your app is using the MQCSP structure. Maybe mixing it up with the 12-char restriction on userids.
Hi,
I have setup and have tried a number of things now and still its not working.
Can you confirm if this exit works with Keycloak ver 25.0.0 and MQ 9.4.0 on Linux HREL 8 ?
If I do the curl command to my keycloak server I get tokens back. If I try the sample as suggested I can get it working until I add the exit like this... and then its starts failing.
DEFINE CHANNEL(ADM.SVRCONN2) CHLTYPE(CLNTCONN) CONNAME( 'zapsdcrapp3276.corp.dsarena.com(1420)') QMNAME(FILEBPRD01) SCYEXIT('extjwtexit(ChlExit)') SCYDATA(DEBUG)
Also no DEBUG info which makes this almost unusable as there isnt any proper errors.
[mqm@server3276 ssl]$ export JWT_TOKEN_USERNAME=xxxxxxxx [mqm@server3276 ssl]$ export JWT_TOKEN_PWD=xxxxxxxx [mqm@server3276 ssl]$ export JWT_TOKEN_CLIENTID=eJgX2xoNwFIhJLo1O2LQsUf8rFZeXMEb [mqm@server3276 ssl]$ export MQSERVER="ADM.SVRCONN2/TCP/10.11.12.13(1420)" [mqm@server3276 ssl]$ export MQSERVER="ADM.SVRCONN2/TCP/10.11.12.13(1420)" [mqm@server3276 ssl]$ /apps/MQ940/MQServer/samp/bin/amqsputc Q2 FILEBPRD01 Sample AMQSPUT0 start MQCONNX ended with reason code 2538
If I remove ONLY the exit "extjwtexit(ChlExit)" from the channel it all works just fine. I can connect and put messages to the queue
07/25/2024 05:42:19 PM - Process(1951211.12) User(mqm) Program(amqrmppa) Host(server3276.corp.dsarena.com) Installation(Installation2) VRMF(9.4.0.0) QMgr(FILEBPRD01) Time(2024-07-25T15:42:19.399Z) CommentInsert1(ADM.SVRCONN2) CommentInsert2(extjwtexit(ChlExit))
AMQ9536E: Channel ended by an exit.
EXPLANATION: Channel program 'ADM.SVRCONN2' was ended by exit 'extjwtexit(ChlExit)'. ACTION: None.
Any help would be appreciated as I cannot be the only one out there trying this :-)