In WebSphere JAAS aliases can be defined for 3rd party resources like database/ MQ/ JMS etc. There is a property res-auth in the deployment descriptor that defines which auth alias to use. There are two kinds of res-auth container or application. For container we use container managed authentication aliases. For application we use component managed authentication aliases. The default if no res-auth is specified is application.
For MQ Listener Ports, there is no place to specify a res-auth and hence it defaults to the J2C default res-auth which is application and hence if security credentials need to be passed on to MQ from WAS via a QCF used in a listener port a component managed authentication alias is required.
Wednesday, June 2, 2010
Subscribe to:
Comments (Atom)