Using the connection factory through a direct lookup
After an IBM® MQ messaging provider connection factory has been defined, an enterprise application can look up the connection factory definition and use it to create a JMS connection to an IBM MQ queue manager. This can be done through a direct look up.
InitialContext ctx = new InitialContext();
ConnectionFactory cf = (ConnectionFactory) ctx.lookup("jms/myCF");
- Your application developer needs to know the JNDI name of the required connection factory when the enterprise application is being developed. Because the JNDI name is hard coded inside the application, if the JNDI name changes, you need to re-write and re-deploy the application.
- When a connection factory definition is used in this way, the user name and password specified in the authentication alias (that the connection factory has been configured to use) are not flowed down to IBM MQ. This is to prevent unauthorized applications from identifying the connection factory, and being able to use it to connect to secure IBM MQ systems.
The user name and password that are flowed down to IBM MQ depends on the method that is used to create the JMS connection from the connection factory.
ConnectionFactory.createConnection()
the default user
identity is passed down to IBM MQ. This
is the user name and password that started the application server where the
enterprise application is running.
ConnectionFactory.createConnection(String username, String password)
If an application has performed a direct look up of a connection factory, and then
called this method, the user name and password that were passed into the
createConnection()
method are flowed down to IBM MQ.
No checks were made on the password. In order to perform an authentication check, and validate that the user name and password were valid, an IBM MQ channel security exit must be written. Details on how to do this can be found in Channel security exit programs.
From IBM MQ 8.0, the queue manager checks the password in addition to the user name.