Writing authenticators in Java™

All authenticators must extend the base authenticator class:
class MyAuthenticator extends com.ibm.mqe.MQeAuthenticator  
The following methods in the base class can be overridden:
activateMaster()
The signature for this method is:
public byte[] activateMaster( boolean local ) throws Exception
It is invoked on the queue manager that initiates access to a queue. The parameter local indicates whether this is a local access; that is, the queue is on the same queue manager, local == true, or a remote access, local == false. The method should collect data to authenticate the queue manager or user and return the data in a byte array. The data is passed to the activateSlave() method. The activateMaster() method in the base class, MQeAuthenticator, simply returns null. It does not throw any exceptions. Any exceptions thrown by this method, in a subclass, are not caught by MQe itself, but are passed back to the user's code and terminate the attempt to access the queue.
activateSlave()
The signature for this method is:
public byte[] activateSlave( boolean local,  byte data[] ) throws Exception
This is invoked on the queue manager that owns the queue. The parameter local indicates whether this is a local access, i.e. initiated on the same queue manager, local == true, or a remote access, local == false. The parameter datacontains the data returned by the activateMaster() method. The activateSlave() method should validate this data. If it is satisfied with the data it should call the setAuthenticatedID() method to set the name of the authenticated entity, this indicates that the first stage of the authentication was successful. It can then collect data to authenticate the local queue manager and return it in a byte array. The data is passed to the slaveResponse() method. If it is not satisfied with the data, it throws an exception indicating the reason. The activateSlave() method in the base class, MQeAuthenticator, checks whether the name of the authenticated entity has been set and if it has, it logs the name; it then returns null. It does not throw any exceptions. Any exceptions thrown by this method, in a subclass, are not caught by MQe itself, but are passed back to the initiating queue manager where they are re-thrown. MQe does not catch these exceptions on the initiating queue manager and they are passed back to the user's code and will terminate the attempt to access the queue.
slaveResponse()
The signature for this method is:
 public void slaveResponse( boolean local, byte data[] ) throws Exception
It is invoked on the queue manager that initiates access to a queue. The local parameter indicates whether this is a local access, local == true, or a remote access, local == false. The parameter data contains the data returned by the activateSlave() method. If it is satisfied with the data it should call the setAuthenticatedID() method to set the name of the authenticated entity, this indicates that the second stage of the authentication was successful. If the activateSlave() method did not return any data, and the slaveResponse() method is satisfied with this, it still calls setAuthenticatedID() to indicate success. If it is not satisfied with the data, it throws an exception indicating the reason. The slaveResponse() method in the base class, MQeAuthenticator, simply returns null. It does not throw any exceptions. Any exceptions thrown by this method, in a subclass, are not caught by MQe itself, but are passed back to the user's code and terminate the attempt to access the queue.
Figure 1. The slaveResponse() method in MQeAuthenticator
This diagram shows a queue manager initiating acess to a queue owned by another queue manager. The activateSlave() method returns data. If it is satisfied with this data, the slaveResponse() method calls the setAuthenticatedID() to indicate success. If it is not satisfied with the data, slaveResponse() throws an exception.
When a queue is accessed locally, the three methods are invoked in sequence on the local queue manager.

Terms of use | WebSphere software

(c) Copyright IBM Corporation 2004, 2005. All rights reserved.