Protocol bridge credentials file format

The ProtocolBridgeCredentials.xml file in the agent configuration directory defines the user names and credential information that the protocol bridge agent uses to authenticate itself to the protocol server.

The ProtocolBridgeCredentials.xml file must conform to the ProtocolBridgeCredentials.xsd schema. The ProtocolBridgeCredentials.xsd schema document is located in the install_directory/samples/schema directory of the WMQFTE installation. A template ProtocolBridgeCredentials.xml file is created by the fteCreateBridgeAgent command in the agent configuration directory.

The new function for V7.0.4.1 introduces a new <server> element to replace the <serverHost> element that was used in earlier versions.

Schema - V7.0.4.1 and later

The following schema describes which elements are valid in the ProtocolBridgeCredentials.xml file for V7.0.4.1 (with the new function enabled) and later.

<schema targetNamespace="http://wmqfte.ibm.com/ProtocolBridgeCredentials" elementFormDefault="qualified" 
                xmlns="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://wmqfte.ibm.com/ProtocolBridgeCredentials">

	<!--  
	    <?xml version="1.0" encoding="UTF-8"?>
            <tns:credentials xmlns:tns="http://wmqfte.ibm.com/ProtocolBridgeCredentials" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                        xsi:schemaLocation="http://wmqfte.ibm.com/ProtocolBridgeCredentials ProtocolBridgeCredentials.xsd ">
                <tns:server name="myserver">
                    <tns:user name="fred" serverPassword="pwd" serverUserId="bill">
                    </tns:user>
                    <tns:user  name="jane" serverUserId="june" hostKey="1F:2e:f3">
                        <tns:privateKey associationName="test" keyPassword="pwd2">
                         .... private key ...
                        </tns:privateKey>
                    </tns:user>
               </tns:server>
               <tns:server name="server*" pattern="wildcard">
                    <tns:user name="fred" serverPassword="pwd" serverUserId="bill">
                    </tns:user>
                    <tns:user  name="jane" serverUserId="june" hostKey="1F:2e:f3">
                        <tns:privateKey associationName="test" keyPassword="pwd2">
                         .... private key ...
                        </tns:privateKey>
                    </tns:user>
               </tns:server>
        </tns:credentials>
	-->
	
    <element name="credentials" type="tns:credentialsType"></element>

    <complexType name="credentialsType">
    	<choice minOccurs="0" maxOccurs="1">
			<element name="serverHost" type="tns:serverHostType" minOccurs="0" maxOccurs="unbounded"/>
			<element name="server" type="tns:serverType" minOccurs="0" maxOccurs="unbounded"/>
		</choice>
    </complexType>

    <complexType name="serverHostType">
    	<sequence>
    		<element ref="tns:user" minOccurs="0" maxOccurs="unbounded"></element>
    	</sequence>
    	<attribute name="name" type="string" use="required"></attribute>
    </complexType>
    
    <complexType name="serverType">
    	<sequence>
    		<element ref="tns:user" minOccurs="0" maxOccurs="unbounded"></element>
    	</sequence>
    	<attribute name="name" type="string" use="required"></attribute>
    	<attribute name="pattern" type="tns:patternType" use="optional" />
    </complexType>
    
    <element name="user" type="tns:userType"></element>

    <complexType name="userType">
    	<sequence>
    		<element ref="tns:privateKey" minOccurs="0" maxOccurs="unbounded"></element>
    	</sequence>
    	<attribute name="name" type="string" use="required"></attribute>
    	<attribute name="serverUserId" type="string" use="optional"></attribute>
    	<attribute name="serverPassword" type="string" use="optional"></attribute>
    	<attribute name="hostKey" use="optional">
    	    <simpleType>
    			<restriction base="string">
    				<pattern
    					value="([a-fA-F0-9]){2}(:([a-fA-F0-9]){2})*">
    				</pattern>
    			</restriction>
    		</simpleType>
    	</attribute>
    </complexType>

    <element name="privateKey" type="tns:privateKeyType"></element>

    <complexType name="privateKeyType">    
    	<simpleContent>      
        	<extension base="string">
    			<attribute name="keyPassword" type="string" use="optional"></attribute>
    			<attribute name="associationName" type="string" use="required"></attribute>  
    		</extension>
    	</simpleContent>
    </complexType>
    
    <!--
		Determines the type of pattern matching to use.
	-->
	<simpleType name="patternType">
		<restriction base="string">
			<enumeration value="regex" />
			<enumeration value="wildcard" />
		</restriction>
	</simpleType>
</schema>

Schema - V7.0.4 and earlier

The following schema describes which elements are valid in the ProtocolBridgeCredentials.xml file for V7.0.4 and earlier.

<?xml version="1.0" encoding="UTF-8"?>
    
<schema targetNamespace="http://wmqfte.ibm.com/ProtocolBridgeCredentials" 
        elementFormDefault="qualified"                 
        xmlns="http://www.w3.org/2001/XMLSchema" 
        xmlns:tns="http://wmqfte.ibm.com/ProtocolBridgeCredentials">  	

    <element name="credentials" type="tns:credentialsType"></element>

    <complexType name="credentialsType">
        <sequence>     		
            <element ref="tns:serverHost" minOccurs="0" maxOccurs="unbounded"></element>     	
        </sequence>     
    </complexType>      

    <element name="serverHost" type="tns:serverHostType"></element>      
    
    <complexType name="serverHostType">     	
        <sequence>     		
            <element ref="tns:user" minOccurs="0" maxOccurs="unbounded"></element>     	
        </sequence>     	
        <attribute name="name" type="string" use="required"></attribute>     
    </complexType>          

    <element name="user" type="tns:userType"></element>      

    <complexType name="userType">     	
        <sequence>     		
            <element ref="tns:privateKey" minOccurs="0" maxOccurs="unbounded"></element>     	
        </sequence>     	
        <attribute name="name" type="string" use="required"></attribute>     	
        <attribute name="serverUserId" type="string" use="optional"></attribute>     	
        <attribute name="serverPassword" type="string" use="optional"></attribute>     	
        <attribute name="hostKey" use="optional">
            <simpleType>     			
                <restriction base="string">     				
                    <pattern value="([a-fA-F0-9]){2}(:([a-fA-F0-9]){2})*"></pattern>     			
                </restriction>     		
            </simpleType>     	
        </attribute>     
    </complexType>      

    <element name="privateKey" type="tns:privateKeyType"></element>      

    <complexType name="privateKeyType">         	
        <simpleContent>               	
            <extension base="string">     			
                <attribute name="keyPassword" type="string" use="optional"></attribute>     			
                <attribute name="associationName" type="string" use="required"></attribute>       		
            </extension>     	
        </simpleContent>     
    </complexType>

</schema>

Understanding the ProtocolBridgeCredentials.xml file

The elements and attributes used in the ProtocolBridgeCredentials.xml file are described in the following list.

<credentials>
Group element containing elements that describe the credentials used by a protocol bridge agent to connect to a protocol server.

<server>
The protocol server that the protocol bridge connects to. This element is available only if you have enabled the new function for V7.0.4.1.

The <server> element is not supported for V7.0.4 or earlier.

Attribute    Description
name         The name of the protocol server.
pattern      If you have used wildcards or regular expressions to specify the pattern of a protocol server name, use either wildcard or regex.

<serverHost>
The host name of the protocol server that the protocol bridge connects to.

If you have enabled the new function for V7.0.4.1, the ProtocolBridgeCredentials.xml file can contain either <serverHost> elements or <server> elements, but not a mixture of the two. When you use <serverHost>, the name is matched against the protocol server's host name. When you use <server>, the name is matched against the protocol server's name (as defined in the ProtocolBridgeProperties.xml file).

Attribute    Description
name         The host name or IP address of the protocol server.

<user>
A user mapping from a WebSphere® MQ File Transfer Edition user name to a protocol server user name.

Attribute         Description
name              The user name that is used with WebSphere MQ File Transfer Edition.
serverUserId      The user name that is used with the protocol server.
serverPassword    The password for the user name used on the protocol server.
hostKey           The server host SSH fingerprint.

<privateKey>
The private key of a user.

Attribute          Description
keyPassword        The password for the private key.
associationName    A name used for trace and logging.
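
A review pass over a credentials file, as an added example (not IBM's code): it uses only the element and attribute names from the schemas above and reports where secrets sit in the file, which users have no hostKey, and whether <server> and <serverHost> are mixed. The function name audit_credentials, the finding texts and the sample document (adapted from the example in the schema comment) are assumptions made for this illustration.

```python
import re
import xml.etree.ElementTree as ET

NS = "{http://wmqfte.ibm.com/ProtocolBridgeCredentials}"
# hostKey pattern copied from the schema on this page
HOSTKEY_RE = re.compile(r"([a-fA-F0-9]){2}(:([a-fA-F0-9]){2})*")

# Constructed sample, adapted from the example in the schema comment
SAMPLE = """<tns:credentials xmlns:tns="http://wmqfte.ibm.com/ProtocolBridgeCredentials">
  <tns:server name="server*" pattern="wildcard">
    <tns:user name="fred" serverPassword="pwd" serverUserId="bill"/>
    <tns:user name="jane" serverUserId="june" hostKey="1F:2e:f3">
      <tns:privateKey associationName="test" keyPassword="pwd2">.... private key ...</tns:privateKey>
    </tns:user>
  </tns:server>
</tns:credentials>"""


def audit_credentials(xml_text):
    """Return (location, finding) tuples for one credentials document."""
    root = ET.fromstring(xml_text)
    servers = root.findall(NS + "server")
    hosts = root.findall(NS + "serverHost")
    findings = []
    if servers and hosts:
        findings.append(("credentials", "mixes <server> and <serverHost>"))
    for srv in servers + hosts:
        sname = srv.get("name", "?")
        if srv.get("pattern"):
            findings.append((sname, "pattern entry: credentials apply to every matching server name"))
        for user in srv.findall(NS + "user"):
            where = sname + "/" + user.get("name", "?")
            if user.get("serverPassword") is not None:
                findings.append((where, "serverPassword stored in clear text"))
            host_key = user.get("hostKey")
            if host_key is None:
                findings.append((where, "no hostKey fingerprint recorded"))
            elif not HOSTKEY_RE.fullmatch(host_key):
                findings.append((where, "hostKey does not match the schema pattern"))
            for key in user.findall(NS + "privateKey"):
                # keyPassword, when present, sits in the same file as the key
                protected = "with" if key.get("keyPassword") else "without"
                findings.append((where, "private key embedded " + protected + " keyPassword"))
    return findings


if __name__ == "__main__":
    for location, finding in audit_credentials(SAMPLE):
        print(location + ": " + finding)
```

Every finding that involves serverPassword, keyPassword or an embedded key is also a reason to restrict read access on the file to the account that runs the agent.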

Last updated: Tuesday, 30 January 2018
http://www.ibm.com/support/knowledgecenter/SSEP7X_7.0.4/com.ibm.wmqfte.doc/protocol_bridge_cred_format.htm