Configuring MQMFTCredentials.xml
on multiplatforms
If Managed File Transfer (MFT) is configured with security enabled, connection authentication requires all MFT commands that connect with a queue manager to supply user ID and password credentials. Similarly, MFT loggers might be required to specify a user ID and password when connecting to a database. This credential information can be stored in the MFT credentials file.
About this task
The elements in the MQMFTCredentials.xml file must conform to the MQMFTCredentials.xsd schema. For information about the format of MQMFTCredentials.xml, see MFT credentials file format.
You can find a sample credentials file in the MQ_INSTALLATION_PATH/mqft/samples/credentials directory.
You can have one MFT credentials file for the coordination queue manager, one for the command queue manager, one for each agent, and one for each logger. Alternatively, you can have one file which is used by everything in your topology.
- UNIX and Linux®
- $HOME
- Windows
- %USERPROFILE% or %HOMEDRIVE%%HOMEPATH%
Type of command | Property file | Property name |
---|---|---|
Command which connects to the coordination queue manager | coordination.properties | coordinationQMgrAuthenticationCredentialsFile |
Command which connects to the command queue manager | connection.properties | connectionQMgrAuthenticationCredentialsFile |
Command that connects to an agent process | agent.properties | agentQMgrAuthenticationCredentialsFile |
Command that connects to a logger process | logger.properties | loggerQMgrAuthenticationCredentialsFile |
Type of command | Property file | Property name |
---|---|---|
MFT agents | agent.properties | agentQMgrAuthenticationCredentialsFile |
MFT loggers | logger.properties | loggerQMgrAuthenticationCredentialsFile |
For details about what commands and processes connect to which queue manager, see Which MFT commands and processes connect to which queue manager.
- UNIX and Linux
-
chown <agent owner userid> chmod 600
- Windows
- Ensure that inheritance is not enabled, and then remove all of the user IDs except those running the agent or logger that will be using the credentials file.
- Global (configuration on local disk)
- A global configuration uses the credentials file specified in the coordination and command properties.
- Local (defined within IBM MQ Explorer):
- A local configuration uses the properties of the connection details of the associated queue manager in IBM MQ Explorer.