
Fundamentals of Websphere MQ Series

Agenda
Websphere MQ Introduction
Websphere MQ Objects
Websphere MQ Administration Basics
Hands-on part 1
Distributed MQ

Websphere MQ Clusters

Hands-on part 2
Websphere MQ Programming Basics
Hands-on part 3

Introduction

Messaging and Queuing


Telephone answering machine
Punched Cards and processing
Clerical Data Input and processing
Information Management Systems (IMS)
Customer Information Control System (CICS)
Telecommunications Access Methods (TCAM)

Virtual Telecommunications Access Method

Messaging and Queuing

Messaging is

an availability adaptation technique used for the transfer of information between two entities without regard for the immediate availability and accessibility of either

Queuing is

a time adaptation technique used for saving information until the intended message receiver is ready to receive it

Messaging and queuing is both asynchronous and connectionless

Note: entities can be programs, persons, systems etc.

Requirements
Distributed applications and systems
Increase in program to program communication
Heterogeneous Platforms
Multiple communication protocols
Maximize resource utilization
Development complexity and resource skill set

Websphere MQ (MQ Series until '02)


IBM middleware for messaging & queuing
Launched on MVS/ESA in 1992
Currently available on all major platforms

Windows
UNIX (AIX\Linux\Sun Solaris, HP-UX)
AS/400
Z/OS

Common API (MQI) on all platforms


Supports multiple programming languages

C, C++, JAVA, VB, COBOL,PL/1,Assembler

Supports JMS standard APIs for messaging

MQ Objects

MQ Message
String of bytes meaningful to the entity using it.
Two parts to MQ messages

Application Data
Content and structure defined and understood by the application program

Message Descriptor
Contains control information like type of message and priority which are understood and used by MQ

Default length is 4 MB; the max length is 100 MB
Length can be restricted by the definition of MQ objects and the system storage
Messages can be segmented or grouped

MQ Messages

Message Types (Functional)


Datagram
Request
Reply
Report

Message Retention Types


Persistent
Non-persistent

MQ Message Descriptor
Version
Message ID/Correlation ID
Persistent/Non persistent
Priority
Date and time
Life time of a message
Coded Character Set Id
Format
Sender application and type
Report options/Feedback
Back out counter
Segmentation/Grouping information

MQ Object Types
Queue manager
Queue
Process Definitions
Channels
Name lists
System Default Objects
Clusters
Authentication Information Objects

MQ Object Names
Up to 48 characters for all objects except channels
Up to 20 characters for channels

Uppercase A- Z
Lowercase a - z
Numerics 0 - 9
Period (.)
Underscore (_)
Forward slash (/)*
Percent sign (%)*

Blanks are not allowed

* - If used, names should be enclosed in double quotes since these are special characters

Managing MQ Objects
Control commands typed in through the keyboard
MQSC commands through the keyboard or from files
Programmable Command Format (PCF) Messages
MQ Administration Interface (MQAI) call from a program
MQ Explorer snap-in and MQ services snap-in running under Microsoft Management Console*

* - Applicable to Windows platform only

Message Queue Manager (MQM)


Manages queues of messages for applications
Provides application programming interface MQI
Uses existing network facilities to transfer messages
Coordinates database and queue data updates
Segments messages and assembles them
Allows message grouping and disassembling
Can send message to more than one destination
Provides administrative functions on objects
Special events like triggers and instrumentation events are generated

MQ Queues
For Applications
Local Queues
Remote Queues
Alias Queues
Model Queues
Dynamic Queues

Used by MQ
Initiation Queues
Transmission Queues
Cluster Transmission Queues
Dead-letter Queues
Command Queues
Reply-to queues
Event Queues

Process definition
Defines an application that starts in response to a trigger
Attributes include application type, application ID (path) and data specific to the application

Channels
Logical communication link
Communication path from one MQM to another
Used to move messages between MQMs
Shields applications from underlying protocols

Message Channels connect two MQMs
Use Message Channel Agents (MCA)
Unidirectional
Require sender and receiver channels and a protocol

MQI Channels connect an MQ client to a server
Bidirectional
Used for MQ calls and responses only

Namelist
Contains a list of MQ objects; queue, cluster, authinfo
Typically used by trigger monitors to identify a group of queues
Used in clustered environment to inform the availability of an MQ object to clusters
Maintained independent of application and can be modified without stopping it
Multiple applications can use a Namelist

MQ Overview

[Figure: MQ Overview. Labels: MQ Client, Application, MQPUT, MQI Channel, MQ Server (MQM1), Remote Q, Sender Channel, Receiver Channel, MQ Server (MQM2), Local Q]

[Figure: Putting Together]

System Default Objects

Object Name - Description
SYSTEM.ADMIN.CHANNEL.EVENT - Event queue for channels
SYSTEM.ADMIN.COMMAND.QUEUE - Administration command queue. Used for remote MQSC commands and PCF commands.
SYSTEM.ADMIN.PERFM.EVENT - Event queue for performance events
SYSTEM.ADMIN.QMGR.EVENT - Event queue for queue manager events
SYSTEM.AUTH.DATA.QUEUE - The queue that holds access control lists for the queue manager.
SYSTEM.CHANNEL.INITQ - Channel initiation queue
SYSTEM.CHANNEL.SYNCQ - The queue that holds the synchronization data for channels.
SYSTEM.CICS.INITIATION.QUEUE - Default CICS initiation queue.
SYSTEM.CLUSTER.COMMAND.QUEUE - The queue used to carry messages to the repository queue manager.
SYSTEM.CLUSTER.REPOSITORY.QUEUE - The queue used to store all repository information
SYSTEM.CLUSTER.TRANSMIT.QUEUE - The transmission queue for all messages to all clusters
SYSTEM.DEAD.LETTER.QUEUE - Dead-letter (undelivered-message) queue.

System Default Objects

Object Name - Description
SYSTEM.DEFAULT.ALIAS.QUEUE - Default alias queue
SYSTEM.DEFAULT.INITIATION.QUEUE - Default initiation queue
SYSTEM.DEFAULT.LOCAL.QUEUE - Default local queue
SYSTEM.DEFAULT.MODEL.QUEUE - Default model queue
SYSTEM.DEFAULT.REMOTE.QUEUE - Default remote queue
SYSTEM.MQSC.REPLY.QUEUE - MQSC command reply-to queue. This is a model queue.
SYSTEM.PENDING.DATA.QUEUE - Support deferred messages in JMS.
SYSTEM.DEFAULT.NAMELIST - Default namelist.
SYSTEM.DEFAULT.PROCESS - Default process definition.

System Default Objects

Object Name - Description
SYSTEM.DEFAULT.AUTHINFO.CRLLDAP - Default authentication information object.
SYSTEM.AUTO.RECEIVER - Dynamic receiver channel.
SYSTEM.AUTO.SVRCONN - Dynamic server-connection channel.
SYSTEM.DEF.CLUSRCVR - Default receiver channel for the cluster
SYSTEM.DEF.CLUSSDR - Default sender channel for the cluster
SYSTEM.DEF.RECEIVER - Default receiver channel.
SYSTEM.DEF.REQUESTER - Default requester channel.
SYSTEM.DEF.SENDER - Default sender channel.
SYSTEM.DEF.SERVER - Default server channel.
SYSTEM.DEF.SVRCONN - Default server-connection channel.
SYSTEM.DEF.CLNTCONN - Default client-connection channel.

Basic MQ Administration

Basic Administration*
Define MQ Objects
Display MQ Objects
Alter MQ Objects
Delete MQ Objects
Miscellaneous

* - Control Commands and MQSC Commands

MQM Administration

Create MQ Manager

CRTMQM

e.g. CRTMQM /q TESTQMGR


/q sets the MQM as default

Start MQ Manager

STRMQM

e.g. STRMQM TESTQMGR

Stop MQ Manager

ENDMQM

e.g. ENDMQM TESTQMGR

Delete MQ Manager

DLTMQM

e.g. DLTMQM TESTQMGR

MQM Administration

Stop MQ Manager ENDMQM Options

By default MQM is quiesced and so takes time
-c notifies all applications to stop but doesn't wait for MQM to end
-c is the same as issuing ENDMQM with no options
-w waits until apps stop and MQM ends
-i immediate and doesn't wait for apps to disconnect
-p pre-emptive and should be used with caution

Managing MQM Objects


MQSC Commands by running RUNMQSC
Verify a command without running it
Run a command on a local queue manager
Run a command on a remote queue manager
To display MQM properties

STRMQM TESTQMGR (if not started already)


RUNMQSC or RUNMQSC TESTQMGR
display QMGR (MQSC Command)
END

RUNMQSC can accept commands through the keyboard or from a file

RUNMQSC < command.in > execution.out

Managing Queues

Create a local queue

DEFINE QLOCAL(TEST.LOCAL.QUEUE)

Display a local queue

DISPLAY QLOCAL(TEST.LOCAL.QUEUE)

Alter a local queue

ALTER QLOCAL(TEST.LOCAL.QUEUE) +
GET(DISABLED)

Delete a local queue

DELETE QLOCAL(TEST.LOCAL.QUEUE) PURGE

Managing Trigger Processes

Create a Process

DEFINE PROCESS(PROC1) REPLACE +
DESCR('test proc') APPLTYPE(WINDOWS)+
APPLICID('c:\test\prog.exe')

Display a Process

DISPLAY PROCESS(PROC1)

Alter a Process

ALTER PROCESS(PROC1)USERDATA('12')

Delete a Process

DELETE PROCESS(PROC1)

Enabling Triggers

Enabling trigger in a queue

DEFINE QLOCAL(TEST.LOCAL.QUEUE)REPLACE +
TRIGGER TRIGTYPE(first)PROCESS(PROC1)+
INITQ(SYSTEM.DEFAULT.INITIATION.QUEUE)

Trigger Types

every
first
N messages

Managing Channels

Create a Channel

DEFINE CHANNEL(MQMA.MQMB)CHLTYPE(sdr)+
XMITQ(MQMB) TRPTYPE(tcp)+
CONNAME(SERVER1.XYZ.COM)

Display a Channel

DISPLAY CHANNEL(MQMA.MQMB)

Alter a Channel

ALTER CHANNEL(MQMA.MQMB)+
CONNAME(SERVER2.XYZ.COM)

Delete a Channel

DELETE CHANNEL(MQMA.MQMB)

Managing Namelist

Create a Namelist

DEFINE NAMELIST(CLUSTERNL)+
NAMES(CLUSA,CLUSB)+
NLTYPE(CLUSTER)REPLACE

Display a Namelist

DISPLAY NAMELIST(CLUSTERNL)

Alter a Namelist

ALTER NAMELIST(CLUSTERNL)+
NAMES(CLUSA,CLUSB,CLUSC)+
NLTYPE(CLUSTER)

Delete a Namelist

DELETE NAMELIST(CLUSTERNL)

Hands-on Part 1
MQ Administration

Distributed MQ

Distributed MQ
Transferring messages between Queue Managers
Queue Managers can be on the same machine or a world apart
Queue Managers can be on the same platform or heterogeneous platforms
Implemented using Distributed Queue Management (DQM) features of MQ including MQ Clusters

Distributed MQ Components
Local and remote Queue Managers and queues
Local is one to which an application is connected
Remote queue definition
Local definition of a queue in a remote MQM
Transmission Queues
Special local queue to store message temporarily before transmitting to remote destination
Message channel agents (MCA)
Software that handles sending and receiving
Channels
One way communication link between MQMs

Distributed MQ Components
Dead letter queue
Special queue to store undelivered messages
Transport Service
Communication protocol independent of MQ
MQ supports multiple protocols
Platform dependent
Channel Initiators and Listeners
Initiators are trigger monitors for sender channels
Listeners start receiver channels on receiving request from the sender MCA
Channel Exit Programs
Used for additional processing like encryption

Distributed MQ Components

[Figure: Distributed MQ Components. Labels for QM1 and QM2: App Q, XMIT Q, Init Q, MCA, Channel Initiator, Listener, Channel, Transport Service (TCP)]

[Figure: Sample DQM Definition]

CHAD Channel Auto Definition

Sample DQM Definition


On QMA

Define QREMOTE(Q1)+
RNAME(Q1)+
RQMNAME(QMB)+
XMITQ(QMB)
DEFINE QLOCAL(QMB)+
USAGE(XMITQ)
DEFINE CHANNEL(A.B)+
CHLTYPE(sdr)+
XMITQ(QMB)+
TRPTYPE(tcp)+
CONNAME(SERVERB.COM)
DEFINE QLOCAL(Q2)
DEFINE CHANNEL(B.A)+
CHLTYPE(rcvr)+
TRPTYPE(tcp)

On QMB

DEFINE QLOCAL(Q1)
DEFINE CHANNEL(A.B)+
CHLTYPE(rcvr)+
TRPTYPE(tcp)
Define QREMOTE(Q2)+
RNAME(Q2)+
RQMNAME(QMA)+
XMITQ(QMA)
DEFINE QLOCAL(QMA)+
USAGE(XMITQ)
DEFINE CHANNEL(B.A)+
CHLTYPE(sdr)+
XMITQ(QMA)+
TRPTYPE(tcp)+
CONNAME(SERVERA.COM)

Channel Types & Combinations


Channel Types
Sender
Receiver
Server
Requester
Cluster Sender
Cluster Receiver

Valid Combinations
Sender - Receiver
Requester - Server
Requester - Sender
Server - Receiver
Cluster Sender
Cluster Receiver

Queue Addressing & Aliases


Queue Name + Queue Manager Name + Transmission Queue (if remote queue)
Remote Queue Definition
Resolves the remote queue location
Queue Manager Alias Definition
Specifies alternative names for the message descriptor of a send message
Reply-to Queue Alias Definition
Specifies alternative names for the reply information in the message descriptor
Aliases are characterized by a blank RNAME in the remote queue definition

Remote Queue Definition

Define QREMOTE(Q1)RNAME(Q1)+
RQMNAME(QMB)XMITQ(QMB)

Resolves the remote queue address using the remote queue manager, remote queue name and the transmission queue
If the transmission queue is not specified, a transmission queue with the name of the remote queue manager will be used
If not available, the default transmission queue of the queue manager will be used

Queue Manager Alias

Define QREMOTE(QMB_Test)RNAME()+
RQMNAME(QMB)
Define QREMOTE(QMB_Test)RNAME()+
RQMNAME(QMB)XMITQ(QMC)

Messages with MQM QMB_Test in the descriptor will be modified to QMB before being forwarded
XMITQ parameter can be used to steer the message to use a specified channel
If transmission queue is not specified, the logic detailed in the previous slide will be used

Reply-to Queue Alias


Can be used to alter the reply-to queue and queue manager without changing the application
At the sender queue manager

Define QREMOTE(QMA_Reply) +
RNAME(Answer_QMA)RQMNAME(QMA_Return)
Define QREMOTE(QMA_Return)RNAME()+
RQMNAME(QMA)

In PUT call leave the reply to queue manager blank and set the queue name to QMA_Reply
At the replying queue manager

Define QLOCAL(QMA_Return)USAGE(XMITQ)

Reaching Remote Queue Managers


Point to point
Multi-hopping
Using shared channels
Using multiple channels
Using MQ clusters

DMQ Commands

Start Channel Initiators

RUNMQCHI -q IQ (Control Command)
START CHINIT INITQ(IQ) (MQSC Command)

Stopping Channel Initiators

Alter the init queue to disable GET from queue

Start MQM Listeners

RUNMQLSR -t TCP -m MQM -p 1414 (Control Command)*
START LISTENER IPADDR(X.X.X.X) PORT(nnnn) TRPTYPE(tcp) (MQSC Command)

* - This requires editing of /etc/services and /etc/inetd.conf files to add

MQSeries 1414/tcp #MQ Listener
MQSeries stream tcp nowait mqm /usr/mqm/bin/amqcrsta -q mqm.name

DMQ Commands

Stop MQM Listeners

ENDMQLSR -m MQM (control Command)


STOP LISTENER IPADDR(X.X.X.X) PORT(nnnn)
TRPTYPE(tcp) (MQSC Command)

Start MQ Channel

RUNMQCHL -c CHANNEL -m QM (Control Command)


START CHANNEL(channel-name) (MQSC Command)

Stop MQ Channel

STOP CHANNEL(channel-name) (MQSC Command)

Display MQ Channel Status

DISPLAY CHSTATUS(channel-name) (MQSC Command)

DMQ Commands

To test a channel

PING CHANNEL(channel-name) (MQSC Command)

MQ Clusters

DQM vs Clusters
DQM Components
Local MQM
Remote Q definition
Xmit Q definition
Sender Channel
Remote MQM
Local Q
Receiver Channel
Listener

Cluster Definitions
Local MQM
Cluster receiver channel
Cluster sender channel

Remote MQM
Cluster receiver channel
Cluster sender channel

Cluster Advantages
Reduced system administration due to reduced number of definitions
Increased availability and scalability due to easy administration and multiple instances of queues
Work load balancing using multiple instances of queues

Cluster Component Details


MQ Cluster is a network of logically related MQMs and needs to be unique in an enterprise
Cluster Queue Manager is an MQM that is a member of an MQ Cluster and should be unique in the cluster
Cluster Queue is a queue hosted in a cluster queue manager and is available to all MQMs in a cluster
Repository is a collection of information about the queue managers that are part of a cluster
Full Repository is one which stores a complete set of information about all MQMs in the cluster
Partial Repository is one which stores information which is required to deal with interested MQMs

Cluster Component Details

Repository Queue manager is a cluster queue manager which stores a full repository

SYSTEM.CLUSTER.REPOSITORY.QUEUE

Cluster Receiver Channel is the receiving end of a channel on which cluster MQMs can receive messages from other MQMs in the cluster
Cluster Sender Channel is the sending end of a channel on which cluster MQMs can send cluster information to one of the full repositories
Cluster Transmission Queue transmits all messages from a cluster MQM to any MQM in the cluster

SYSTEM.CLUSTER.TRANSMIT.QUEUE

Command Queue is used to make requests and get responses from full repositories

Clustered MQ Components

[Figure: Clustered MQ Components. Cluster CLUA with QM1 and QM2; labels on each: Full Repository, App Q, App Q1, XMIT Q, Cluster Receiver Channel, Cluster Sender Channel, Transport Service (TCP)]

Cluster Definition
On QM1

RUNMQSC
ALTER QMGR REPOS(CLUA)
DEFINE CHANNEL(TO.QM1)+
CHLTYPE(CLUSRCVR)+
TRPTYPE(tcp)+
CONNAME(QM1.COM)+
CLUSTER(CLUA)
DEFINE CHANNEL(TO.QM2)+
CHLTYPE(CLUSSDR)+
TRPTYPE(tcp)+
CONNAME(QM2.COM)+
CLUSTER(CLUA)
DEFINE QLOCAL(Q1)+
CLUSTER(CLUA)

On QM2

RUNMQSC
ALTER QMGR REPOS(CLUA)
DEFINE CHANNEL(TO.QM2)+
CHLTYPE(CLUSRCVR)+
TRPTYPE(tcp)+
CONNAME(QM2.COM)+
CLUSTER(CLUA)
DEFINE CHANNEL(TO.QM1)+
CHLTYPE(CLUSSDR)+
TRPTYPE(tcp)+
CONNAME(QM1.COM)+
CLUSTER(CLUA)
DEFINE QLOCAL(Q)+
CLUSTER(CLUA)

Adding new QM (QM3) to Cluster

RUNMQSC
DEFINE CHANNEL(TO.QM3)+
CHLTYPE(CLUSRCVR)+
TRPTYPE(tcp)+
CONNAME(QM3.COM)+
CLUSTER(CLUA)
DEFINE CHANNEL(TO.QM1)+
CHLTYPE(CLUSSDR)+
TRPTYPE(tcp)+
CONNAME(QM1.COM)+
CLUSTER(CLUA)
Note: QM3 doesn't store a full repository and points to QM1 repository

Adding new QM on DHCP to Cluster

RUNMQSC
DEFINE CHANNEL(TO.QM3)+
CHLTYPE(CLUSRCVR)+
TRPTYPE(tcp)+
CONNAME('')+
CLUSTER(CLUA)
DEFINE CHANNEL(TO.+QMNAME+)+
CHLTYPE(CLUSSDR)+
TRPTYPE(tcp)+
CONNAME(QM2.COM)+
CLUSTER(CLUA)
Note: the channel definition TO.+QMNAME+ will be replaced by TO.QM2

Verifying a Cluster
Each MQM requires a channel initiator to monitor the system defined init Q SYSTEM.CHANNEL.INITQ
START CHINIT
Each MQM requires a channel listener to listen to incoming network requests
START LISTENER PORT(1414)+
TRPTYPE(TCP)
Verify all the available MQMs in the cluster
DISPLAY CLUSQMGR(*)
Verify all the channel statuses
DISPLAY CHSTATUS(*)

Load Balancing Using Cluster


Define the same queue in multiple queue managers in the cluster
MQ series will use the default algorithm (round robin) to identify MQM and transfer message
Default algorithm can be changed using the cluster workload user exit

Hands-on Part 2
Creating MQ Clusters

MQ Programming

Messaging and Queuing Patterns


One to one
One to many
Many to one
Publish/Subscribe
Request/reply
One-way datagram or send-and-forget

One to One Pattern 1

One to Many Pattern 1

Many to One Pattern 1

Publish/Subscribe Pattern 1

Request/Reply Pattern 1

Send and Forget Pattern1 (Datagram)

Transaction Management
ACID unit of work
Single phase commit
Two phase commit with XA specification compliant resource managers
BackoutCount and BackoutThreshold attributes to avoid looping

Message Queuing Interface (MQI)


Call - Purpose
MQCONN - Connect to a Queue Manager
MQDISC - Disconnect from a Queue Manager
MQOPEN - Open a specific Queue
MQCLOSE - Close a Queue
MQPUT - Put a message on a queue
MQGET - Get a message from a queue
MQPUT1 - MQOPEN + MQPUT + MQCLOSE
MQINQ - Inquire Properties of an object
MQSET - Set properties of an object
MQCONNX - Standard or fast path bindings
MQBEGIN - Begin a unit of work
MQCMIT - Commit a unit of work
MQBACK - Back out to the start of unit of work

MQI Data Structures


Name - Purpose
MQBO - Specifies options for MQBEGIN call
MQCNO - Specifies options for MQCONNX call
MQDH - Describes the data in a distribution-list message
MQGMO - Specifies options for MQGET call
MQMD - Message descriptor details to control message in a MQGET or MQPUT call
MQOD - Object descriptor which is required in a MQOPEN call
MQOR - Object record identifies the destinations to work with in a distribution list
MQPMO - Specifies options for MQPUT call

MQ Programming Sequence
Connect to MQM (MQCONN)
Open MQ Objects (MQOPEN)
Perform n operations (BASIC OP)
Close MQ Objects (MQCLOSE)
Disconnect from MQM (MQDISC)

MQ JAVA Programming

JAVA Programming Environment

Required jar file

com.ibm.mq.jar

Normally found in the MQ installation directory

Environment variable set-up
Add com.ibm.mq.jar to the classpath

CLASSPATH=install_dir\lib\com.ibm.mq.jar

install_dir is platform dependent

Import required package in the code

import com.ibm.mq.*;

Connection Modes

Binding Mode

Client Connection Mode

MQ Series JAVA Classes

MQEnvironment
Contains the static variables that control the environment in which a MQQueueManager is constructed

MQQueueManager
Represents the MQ series queue manager

MQGetMessageOptions
Contains options which control MQQueue.get() method

MQPutMessageOptions
Contains options which control MQQueue.put() method

MQMessage
Represents the descriptor and data of a MQ message

MQQueue
Provides inquiry, set, put, get operations for queues

MQException
Contains completion codes and error code constants

Setting up the Connection


// Client connection settings are static fields read when the queue manager object is constructed
MQEnvironment.hostname = "TEST.SERVER.COM";
MQEnvironment.channel = "TEST.CLIENT.CHNL";
MQEnvironment.port = 1638;
MQEnvironment.userID = "userABC";
MQEnvironment.password = "password";
MQEnvironment.properties.put(MQC.TRANSPORT_PROPERTY, MQC.TRANSPORT_MQSERIES);
MQQueueManager qMgr = new MQQueueManager("TEST");

Interacting with Queues - Put


// Open the queue for output; fail the open if the queue manager is quiescing
int openOptions = MQC.MQOO_OUTPUT | MQC.MQOO_FAIL_IF_QUIESCING;
MQQueue queue = qMgr.accessQueue("TestQ", openOptions);
MQPutMessageOptions pmo = new MQPutMessageOptions();
MQMessage outMsg = new MQMessage();
outMsg.format = MQC.MQFMT_STRING;
String msgString = "Test message";
outMsg.writeString(msgString);
queue.put(outMsg, pmo);

Interacting with Queues - Get


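// Open the queue for shared input; fail the open if the queue manager is quiescing
int openOptions = MQC.MQOO_INPUT_SHARED | MQC.MQOO_FAIL_IF_QUIESCING;
MQQueue queue = qMgr.accessQueue("TestQ", openOptions);
MQGetMessageOptions gmo = new MQGetMessageOptions();
gmo.options = gmo.options + MQC.MQGMO_SYNCPOINT;
gmo.options = gmo.options + MQC.MQGMO_WAIT;
gmo.waitInterval = 3000; // milliseconds
MQMessage inMsg = new MQMessage();
// Read the message under syncpoint; it is removed only when the unit of work commits
queue.get(inMsg, gmo);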

Closing the Connection


qMgr.commit();
queue.close();
qMgr.disconnect();

Hands-on Part 3
MQ Programming

MQ Security

Security Services
Identification and Authentication
Access Control
Confidentiality
Data Integrity
Non repudiation

Managing security is more concerned with managing risk to a level that is acceptable to the business.

Security Mechanism
Access Control Lists
Cryptography
Digital Signatures

Security Terminology & Concepts


Cryptography
Message Digests
Digital Signatures
Digital Certificates
Certification Authorities
Public Key Infrastructure (PKI)
Secure Sockets Layer (SSL)

Cryptography

Concept
Convert plain text to ciphertext called encryption
Transmit ciphertext to receiver
Convert ciphertext to plain text called decryption

Symmetric algorithms share the same key, which involves a key distribution problem
Asymmetric algorithms use different keys; Public Key Cryptography
Strength of encryption determined by key size; 512 bits, 768 bits, 1024 bits
Encryption algorithms can be on data blocks or on each byte of data

Message Digest

Concept
Fixed size numeric representation of contents of message
Computed by hash function which is one way
No two different messages will have the same value

Also called Message Authentication Code (MAC)

Message digest is sent along with the message
Receiver generates a digest and compares with what was received
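The receiver's compare step from this slide, as an added example that is not part of the original deck. It also covers the case where both message and digest are replaced in transit: a digest computed without a key still verifies, while a keyed MAC does not. SHA-256, HMAC, the key and the message bytes are assumptions chosen for the illustration.

```python
import hashlib
import hmac


def digest(message: bytes) -> str:
    """Message digest as on the slide: fixed size, one-way, no key involved."""
    return hashlib.sha256(message).hexdigest()


def mac(key: bytes, message: bytes) -> str:
    """Keyed digest (HMAC-SHA256); sender and receiver must share the key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def receiver_accepts_digest(message: bytes, received_digest: str) -> bool:
    # Recompute from the received bytes and compare in constant time.
    return hmac.compare_digest(digest(message), received_digest)


def receiver_accepts_mac(key: bytes, message: bytes, received_tag: str) -> bool:
    return hmac.compare_digest(mac(key, message), received_tag)


def demo() -> dict:
    key = b"constructed-shared-key"              # constructed sample key
    original = b"PAY 100.00 TO ACCOUNT 12345"    # constructed application data
    altered = b"PAY 900.00 TO ACCOUNT 12345"
    return {
        # Message arrives unchanged: both checks accept it.
        "intact_digest": receiver_accepts_digest(original, digest(original)),
        "intact_mac": receiver_accepts_mac(key, original, mac(key, original)),
        # Body changed, digest left alone: the mismatch is detected.
        "changed_body_digest": receiver_accepts_digest(altered, digest(original)),
        # Body and digest both replaced: the unkeyed digest still verifies,
        # because recomputing it needs no secret.
        "replaced_both_digest": receiver_accepts_digest(altered, digest(altered)),
        # Same replacement against a MAC: without the shared key the
        # replacement tag does not verify.
        "replaced_both_mac": receiver_accepts_mac(
            key, altered, mac(b"not-the-shared-key", altered)),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```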

Digital Signatures

Concept
Formed by encrypting a representation of message
Encryption done using the private key of the signatory
Normally done on the message digest for efficiency

Digital Signature sent along with the message
Receiver retrieves the message digest using the public key of the signatory
Computes the digest from the message received and then compares against the digest retrieved
Can involve man in the middle attack with public key distribution

Digital Certificates

Concept
Binds public key to an owner and prevents impersonation
Also known as public key certificates
Involves trusted third party called Certification Authority

Digital Certificates include

Owner's public key
Owner's distinguished name: CN, O, OU, L, ST, C
Distinguished name of the issuer
Date from which the certificate is valid
Expiry date of the certificate
Version number
Serial number

Need to make a request and receive digital certificate from a CA

Public Key Infrastructure (PKI)


System of facilities, policies and services that support the use of Public Key Cryptography
Typically involves Certification Authorities (CA) and Registration Authorities (RA), which do

Issuing digital certificates
Validating digital certificates
Revoking digital certificates
Distributing public keys

RA does the verification of information provided in the request for certificate to CA

Secure Sockets Layer (SSL)

MQ Security Considerations
Authority to administer Websphere MQ
Authority to work with Websphere MQ objects
Channel Security
MQ Clusters
MQ Publish/Subscribe
MQ Internet Pass-Thru
Link level security
Application level security

MQ Security Options
MQM can verify the administration authority
MQM can verify the authority to access objects
MCA can authenticate a partner MCA
Messages can be encrypted before sending and decrypted when receiving
User-id in the message descriptor can be used to verify the authority to access MQM objects
COA and COD report options to implement non-repudiation functions in an application
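A review aid for the MQSC definitions shown earlier, added here as an example and not part of the original deck or of IBM's tooling. It joins `+` continuation lines, applies the naming rules from the MQ Object Names slide, checks that a sender channel's XMITQ is defined as in the Sample DQM Definition slide, and flags channels with no SSLCIPH (the MQSC channel attribute that names the SSL CipherSpec, which the deck itself does not show). The sample input is constructed, and only `DEFINE TYPE(name) ATTR(value)` commands are handled.

```python
import re

# Constructed sample: the "On QMA" definitions from the slide above, with the
# transmission queue left out and one over-long channel name put in.
SAMPLE_MQSC = """\
DEFINE QREMOTE(Q1)+
RNAME(Q1)+
RQMNAME(QMB)+
XMITQ(QMB)
DEFINE CHANNEL(A.B)+
CHLTYPE(sdr)+
XMITQ(QMB)+
TRPTYPE(tcp)+
CONNAME(SERVERB.COM)
DEFINE QLOCAL(Q2)
DEFINE CHANNEL(B.A.CHANNEL.NAME.TOO.LONG)+
CHLTYPE(rcvr)+
TRPTYPE(tcp)
"""

NAME_OK = re.compile(r"^[A-Za-z0-9._/%]+$")
# KEYWORD(value); a quoted value may itself contain ')'.
ATTR = re.compile(r"""([A-Za-z]+)\s*\(\s*('[^']*'|"[^"]*"|[^)]*)\)""")


def parse_mqsc(text):
    """Join '+' continuation lines and return one tuple per command:
    (verb, object type, object name as written, {attribute: value})."""
    commands, buf = [], ""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("*"):   # blank line or MQSC comment
            continue
        if line.endswith("+"):                 # command continues on next line
            buf += line[:-1] + " "
            continue
        buf += line
        pairs = [(k.upper(), v.strip()) for k, v in ATTR.findall(buf)]
        if pairs:
            objtype, raw_name = pairs[0]
            attrs = {k: v.strip("'\"") for k, v in pairs[1:]}
            commands.append((buf.split()[0].upper(), objtype, raw_name, attrs))
        buf = ""
    return commands


def audit(commands):
    """Return (object name, finding) pairs for the DEFINE commands."""
    defines = [c for c in commands if c[0] == "DEFINE"]
    xmitqs = {raw.strip('"').upper() for _, objtype, raw, attrs in defines
              if objtype == "QLOCAL" and attrs.get("USAGE", "").upper() == "XMITQ"}
    findings = []
    for _, objtype, raw, attrs in defines:
        name = raw.strip('"')
        limit = 20 if objtype == "CHANNEL" else 48
        if len(name) > limit:
            findings.append((name, f"name longer than {limit} characters"))
        if not NAME_OK.match(name):
            findings.append((name, "character outside A-Z a-z 0-9 . _ / %"))
        elif re.search("[/%]", name) and not raw.startswith('"'):
            findings.append((name, "/ or % used without double quotes"))
        if objtype == "CHANNEL":
            if (attrs.get("CHLTYPE", "").upper() == "SDR"
                    and attrs.get("XMITQ", "").upper() not in xmitqs):
                findings.append((name, "XMITQ is not a QLOCAL with USAGE(XMITQ)"))
            if not attrs.get("SSLCIPH"):
                findings.append((name, "no SSLCIPH, so the link is not SSL-protected"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(parse_mqsc(SAMPLE_MQSC)):
        print(f"{name}: {finding}")
```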

MQ Framework

MQ Framework Components
Trigger Monitor Interface
Message Channel Interface
Name Service Interface
Security Enabling Interface
Data Conversion Interface

MQ Performance

MQ Performance Improvement
Use MQCONNX with fastpath binding option
The application should be trusted
Use MQCONNX to create thread independent connection

bnair@asquareb.com

blog.asquareb.com
https://github.com/bijugs
@gsbiju
