first commit
This commit is contained in:
51
incubating/mqadvanced-server-dev/10-dev.mqsc.tpl
Normal file
51
incubating/mqadvanced-server-dev/10-dev.mqsc.tpl
Normal file
@@ -0,0 +1,51 @@
|
||||
* © Copyright IBM Corporation 2017, 2024
|
||||
*
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
|
||||
* Developer queues
|
||||
DEFINE QLOCAL('DEV.QUEUE.1') REPLACE
|
||||
DEFINE QLOCAL('DEV.QUEUE.2') REPLACE
|
||||
DEFINE QLOCAL('DEV.QUEUE.3') REPLACE
|
||||
DEFINE QLOCAL('DEV.DEAD.LETTER.QUEUE') REPLACE
|
||||
DEFINE QMODEL('DEV.APP.MODEL.QUEUE') REPLACE
|
||||
|
||||
* Use a different dead letter queue, for undeliverable messages
|
||||
ALTER QMGR DEADQ('DEV.DEAD.LETTER.QUEUE')
|
||||
|
||||
* Developer topics
|
||||
DEFINE TOPIC('DEV.BASE.TOPIC') TOPICSTR('dev/') REPLACE
|
||||
|
||||
* Developer connection authentication
|
||||
DEFINE AUTHINFO('DEV.AUTHINFO') AUTHTYPE(IDPWOS) CHCKCLNT(REQDADM) CHCKLOCL(OPTIONAL) ADOPTCTX(YES) REPLACE
|
||||
ALTER QMGR CONNAUTH('DEV.AUTHINFO')
|
||||
REFRESH SECURITY(*) TYPE(CONNAUTH)
|
||||
|
||||
* Developer channels (Application + Admin)
|
||||
* Developer channels (Application + Admin)
|
||||
DEFINE CHANNEL('DEV.ADMIN.SVRCONN') CHLTYPE(SVRCONN) REPLACE
|
||||
DEFINE CHANNEL('DEV.APP.SVRCONN') CHLTYPE(SVRCONN) MCAUSER('app') REPLACE
|
||||
|
||||
* Developer channel authentication rules
|
||||
SET CHLAUTH('*') TYPE(ADDRESSMAP) ADDRESS('*') USERSRC(NOACCESS) DESCR('Back-stop rule - Blocks everyone') ACTION(REPLACE)
|
||||
SET CHLAUTH('DEV.APP.SVRCONN') TYPE(ADDRESSMAP) ADDRESS('*') USERSRC(CHANNEL) CHCKCLNT({{ .ChckClnt }}) DESCR('Allows connection via APP channel') ACTION(REPLACE)
|
||||
SET CHLAUTH('DEV.ADMIN.SVRCONN') TYPE(BLOCKUSER) USERLIST('nobody') DESCR('Allows admins on ADMIN channel') ACTION(REPLACE)
|
||||
SET CHLAUTH('DEV.ADMIN.SVRCONN') TYPE(USERMAP) CLNTUSER('admin') USERSRC(CHANNEL) DESCR('Allows admin user to connect via ADMIN channel') ACTION(REPLACE)
|
||||
SET CHLAUTH('DEV.ADMIN.SVRCONN') TYPE(USERMAP) CLNTUSER('admin') USERSRC(MAP) MCAUSER ('mqm') DESCR ('Allow admin as MQ-admin') ACTION(REPLACE)
|
||||
|
||||
* Developer authority records
|
||||
SET AUTHREC PRINCIPAL('app') OBJTYPE(QMGR) AUTHADD(CONNECT,INQ)
|
||||
SET AUTHREC PROFILE('DEV.**') PRINCIPAL('app') OBJTYPE(QUEUE) AUTHADD(BROWSE,GET,INQ,PUT)
|
||||
SET AUTHREC PROFILE('DEV.**') PRINCIPAL('app') OBJTYPE(TOPIC) AUTHADD(PUB,SUB)
|
||||
SET AUTHREC PROFILE('DEV.APP.MODEL.QUEUE') PRINCIPAL('app') OBJTYPE(QUEUE) AUTHADD(BROWSE,DSP,GET,INQ,PUT)
|
||||
|
||||
18
incubating/mqadvanced-server-dev/20-dev-tls.mqsc.tpl
Normal file
18
incubating/mqadvanced-server-dev/20-dev-tls.mqsc.tpl
Normal file
@@ -0,0 +1,18 @@
|
||||
* © Copyright IBM Corporation 2018, 2022
|
||||
*
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
|
||||
* Set the cipherspec for dev channels
|
||||
ALTER CHANNEL('DEV.APP.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH(ANY_TLS12_OR_HIGHER) SSLCAUTH(OPTIONAL)
|
||||
ALTER CHANNEL('DEV.ADMIN.SVRCONN') CHLTYPE(SVRCONN) SSLCIPH(ANY_TLS12_OR_HIGHER) SSLCAUTH(OPTIONAL)
|
||||
78
incubating/mqadvanced-server-dev/admin.json.tpl
Normal file
78
incubating/mqadvanced-server-dev/admin.json.tpl
Normal file
@@ -0,0 +1,78 @@
|
||||
{
|
||||
"version": 0.1,
|
||||
"tabs": [
|
||||
{
|
||||
"title": "IBM MQ Container",
|
||||
"numColumns": 2,
|
||||
"model": {
|
||||
"title": "",
|
||||
"rows": [
|
||||
{
|
||||
"columns": [
|
||||
{
|
||||
"widgets": [
|
||||
{
|
||||
"type": "channel",
|
||||
"config": {
|
||||
"selectedQM": "{{ .QueueManagerName }}",
|
||||
"showSysObjs": false,
|
||||
"sizex": 1,
|
||||
"sizey": 1,
|
||||
"subType": "all"
|
||||
},
|
||||
"title": "Channels on {{ .QueueManagerName }}",
|
||||
"titleTemplateUrl": "adf/templates/widget-title.html",
|
||||
"gridsterrow": 0,
|
||||
"gridstercol": 1
|
||||
},
|
||||
{
|
||||
"type": "topic",
|
||||
"config": {
|
||||
"selectedQM": "{{ .QueueManagerName }}",
|
||||
"showSysObjs": false,
|
||||
"sizex": 1,
|
||||
"sizey": 1
|
||||
},
|
||||
"title": "Topics on {{ .QueueManagerName }}",
|
||||
"titleTemplateUrl": "adf/templates/widget-title.html",
|
||||
"gridsterrow": 1,
|
||||
"gridstercol": 1
|
||||
},
|
||||
{
|
||||
"type": "queue",
|
||||
"config": {
|
||||
"selectedQM": "{{ .QueueManagerName }}",
|
||||
"showSysObjs": false,
|
||||
"sizex": 1,
|
||||
"sizey": 1,
|
||||
"subType": "all"
|
||||
},
|
||||
"title": "Queues on {{ .QueueManagerName }}",
|
||||
"titleTemplateUrl": "adf/templates/widget-title.html",
|
||||
"gridsterrow": 1,
|
||||
"gridstercol": 0
|
||||
},
|
||||
{
|
||||
"type": "queuemanager",
|
||||
"gridstercol": 0,
|
||||
"gridsterrow": 0,
|
||||
"config": {
|
||||
"type": "local",
|
||||
"sizex": 1,
|
||||
"sizey": 1,
|
||||
"customTitle": "Queue Manager"
|
||||
},
|
||||
"title": "Queue Manager",
|
||||
"titleTemplateUrl": "adf/templates/widget-title.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"titleTemplateUrl": "adf/templates/dashboard-title.html"
|
||||
},
|
||||
"isMobile": false
|
||||
}
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,42 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<server>
|
||||
<featureManager>
|
||||
<feature>appSecurity-2.0</feature>
|
||||
<feature>basicAuthenticationMQ-1.0</feature>
|
||||
</featureManager>
|
||||
<enterpriseApplication id="com.ibm.mq.console">
|
||||
<application-bnd>
|
||||
<security-role name="MQWebAdmin">
|
||||
<group name="MQWebUI" realm="defaultRealm"/>
|
||||
</security-role>
|
||||
</application-bnd>
|
||||
</enterpriseApplication>
|
||||
<enterpriseApplication id="com.ibm.mq.rest">
|
||||
<application-bnd>
|
||||
<security-role name="MQWebAdmin">
|
||||
<group name="MQWebUI" realm="defaultRealm"/>
|
||||
</security-role>
|
||||
<security-role name="MQWebUser">
|
||||
<group name="MQWebMessaging" realm="defaultRealm"/>
|
||||
</security-role>
|
||||
</application-bnd>
|
||||
</enterpriseApplication>
|
||||
<basicRegistry id="basic" realm="defaultRealm">
|
||||
<user name="admin" password="${env.MQ_ADMIN_PASSWORD_SECURE}"/>
|
||||
<user name="app" password="${env.MQ_APP_PASSWORD_SECURE}"/>
|
||||
<group name="MQWebUI">
|
||||
<member name="admin"/>
|
||||
</group>
|
||||
<group name="MQWebMessaging">
|
||||
<member name="app"/>
|
||||
</group>
|
||||
</basicRegistry>
|
||||
<variable name="httpHost" value="*"/>
|
||||
<variable name="managementMode" value="externallyprovisioned"/>
|
||||
<variable name="mqConsoleRemoteSupportEnabled" value="false"/>
|
||||
<variable name="mqConsoleEnableUnsafeInline" value="true"/>
|
||||
<jndiEntry jndiName="mqConsoleDefaultCCDTHostname" value="${env.MQ_CONSOLE_DEFAULT_CCDT_HOSTNAME}"/>
|
||||
<jndiEntry jndiName="mqConsoleDefaultCCDTPort" value="${env.MQ_CONSOLE_DEFAULT_CCDT_PORT}"/>
|
||||
<httpDispatcher enableWelcomePage="false" appOrContextRootMissingMessage='<script>document.location.href="/ibmmq/console/";</script>' />
|
||||
<include location="tls.xml"/>
|
||||
</server>
|
||||
Reference in New Issue
Block a user