Last month, I published a blog post called Useful information on setting up and using a JMS whitelist, which described how the JMS whitelisting functionality provided by APAR IT14385 worked and how it could be used. One question that keeps cropping up is "How do I use the whitelist from WebSphere Application Server?".
This is a good question!
The first thing that you'll need to do is to either apply a WebSphere Application Server interim fix or Fix Pack to your WebSphere Application Server installation that upgrades the MQ resource adapter component to a version that includes the fix for IT14385. To make things easier, the WebSphere Application Server support organization have raised a number of different APARs against the application server (one per release) - these APARs are being used to ship the updated resource adapter. The APAR numbers are shown in the table below:
WebSphere Application Server
|Applicable Releases||Version of MQ resource adapter shipped as part of the APAR.|
WebSphere Application Server V7.0
WebSphere Application Server V8.0
|WebSphere MQ V188.8.131.52 + IT14385|
|PI74862||WebSphere Application Server V8.5||WebSphere MQ V184.108.40.206 + IT14385 + IT15559|
|PI74874||WebSphere Application Server V9.0||IBM MQ V220.127.116.11 + IT14385|
Once the application server has been updated, you can use the Java system properties:
om.i bm.m q.jm s.wh itel ist
m.ib m.mq .jms .whi teli st.d isco ver
mentioned in the Useful information on setting up and using a JMS whitelist blog post to configure and use a whitelist. Note that the Java system properties need to be set as Generic JVM Arguments on the Java Virtual Machine that the application server is running in (as shown in the screenshots below) and the application server restarted for the properties to take effect.
As always, I hope this helps! If you have any questions, feel free to ask and I'll be happy to answer them.