Are you receiving MQJMS2013 connecting to WebSphere MQ?
tamekawoody 110000RMF4 Visits (9473)
After applying WebSphere Application Server V18.104.22.168 fix pack, your WebSphere MQ JMS applications begin failing with error MQJMS2013. Here is an example of the MQJMS2013 error:
At the same time as the MQJMS2013 error, the WebSphere MQ queue manager AMQERR01.LOG will contain the following AMQ9245 error:
The errors in both error logs indicate that the user id 'root' does not have the correct authority to connect to the queue manager. This user id is passed by the WebSphere Application Server to the WebSphere MQ queue manager.
Are you wondering why the WebSphere Application server fix pack is causing the authentication failure? You may be asking, why all of a sudden is a user ID necessary to authenticate the WebSphere Application Server JMS application to the WebSphere MQ queue manager?
To help your wondering mind, the problem is not seen in prior fix packs for WebSphere Application Server as they were using the WebSphere MQ V22.214.171.124 or earlier jar files. Once you apply the WebSphere Application Server fix pack V126.96.36.199, the jar files for WebSphere MQ are at the V188.8.131.52 level; thereby, causing this issue. The WebSphere Application Server is, either running under the specified user id or the J2C authentication alias associated with your JMS connection factory in WebSphere Application Server, has the user ID specified.
If you have a J2C authentication alias associated with your JMS connection factory in WebSphere Application Server, then the userid that is specified on the authentication alias will be passed to MQ. However, if you don't have an authentication alias, then in V184.108.40.206 and below, no user ID will be passed to MQ. Due to the change in the MQ client JAR in V220.127.116.11, if you don't have an authentication alias, the user ID that is used to start the application server process will be passed to MQ. If that user ID is not in the mqm group, the authentication will fail, causing the MQJMS2013 error that you are seeing.
To resolve the problem, you can create a J2C authentication alias that contains a user ID that is a member of the mqm group, and then associate that authentication alias with your JMS connection factory, by setting it as both the container-managed and component-managed authentication alias. If configuring the J2C authentication alias is not an option, you can grant WebSphere MQ authority to the user identified in the AMQ9245 error message on the WebSphere MQ queue manager system.