Search code examples
dockerjmswebsphereibm-mq

MQSeries Docker image: queue manager without authentication

How can I make the queue manager (which exists by default in the docker image) accept any connection without authentication?

I went through all the options in the web console (:9443/ibmmq/console/) and tried anything that I thought might have the effect I wanted, but couldn't find it.

TIA & BR, Christian

Edit: here's the code I'm using to connect

JmsFactoryFactory ff = JmsFactoryFactory.getInstance(WMQConstants.WMQ_PROVIDER);
JmsConnectionFactory cf = ff.createConnectionFactory();

// Set the properties

cf.setStringProperty(WMQConstants.WMQ_HOST_NAME, HOST);
cf.setIntProperty(WMQConstants.WMQ_PORT, PORT);
cf.setStringProperty(WMQConstants.WMQ_CHANNEL, CHANNEL);
cf.setIntProperty(WMQConstants.WMQ_CONNECTION_MODE, WMQConstants.WMQ_CM_CLIENT);
cf.setStringProperty(WMQConstants.WMQ_QUEUE_MANAGER, QMGR);
cf.setStringProperty(WMQConstants.WMQ_APPLICATIONNAME, "JmsPutGet (JMS)");
//cf.setBooleanProperty(WMQConstants.USER_AUTHENTICATION_MQCSP, true);
//cf.setStringProperty(WMQConstants.USERID, APP_USER);
//cf.setStringProperty(WMQConstants.PASSWORD, APP_PASSWORD);

// Create JMS objects
context = cf.createContext();

----------edit------------

Error log after

  • removing "connection authentication" for the QM
  • setting the channel auth. record (under extended) to "As Queue Manager"

    AMQ9557E: Queue Manager User ID initialization failed for '[my OS user]'. 
EXPLANATION:
The call to initialize the User ID '[my OS user]' failed with CompCode 2 and
Reason 2035. If an MQCSP block was used, the User ID in the MQCSP block was ''.
ACTION:
Correct the error and try again.
Solution

  • If you are trying to disable the MQ Connection Authentication feature so that userid & passwords are not authenticated then you can do this by executing the following MQSC commands in runmqsc against the Queue Manager. ALTER QMGR CONNAUTH(' ') REFRESH SECURITY(*) TYPE(CONAUTH)

    Alternatively in the MQ web Console:

    1. Select your queue manager in the Queue Manager widget
    2. Click properties
    3. Go to the Extended section and scroll down
    4. Set the "Connection Authentication" attribute to a blank value
    5. Click save adn then close
    6. Select your queue manager in the Queue Manager widgit
    7. Click the ... and select Refresh security from the drop down
    8. "Select connection authentication"
    9. Add widget: "Channel authentication records"
    10. In this widget, select the entry for your channel, click properties under "Extended" set client connections to "As Queue Manager"

    If required:

    Select your QM in the "Queue Manager" widget, open properties (...), "refresh security...", "Connection authentication". Make sure the default user name (in the standard docker installation, that's "app") is set in the channel properties under MCA (as sugg. by @JoshMc)