Where is the “anonymous” user configured in the TIBCO Enterprise Message Service (EMS) server?
Article ID: KB0090084
Updated On:
| Products | Versions |
|---|---|
| TIBCO Enterprise Message Service | - |
| Not Applicable | - |
Description
Resolution:
Description:
==========
In the EMS server logs, I see applications using a user “anonymous” connecting to the EMS server, but I cannot find that user in the users.conf or “show users” command from tibemsadmin.
Cause:
= = = =
When a client application uses a createConnection() call to create a connection to the EMS server, the EMS API uses over-loaded functions. The application can either specify a username/password as string in the createConnection() call or it may not choose to do so.
If the application does not choose to use a username/password combo in the createConnection() call and authorization is disabled in the EMS server, the EMS server accepts the connection from an anonymous user. This user ID does not need to be configured in the users.conf of EMS. "Anonymous" means that the client is not using any username/password in the createConnection() call to connect to the EMS server.
If authorization is enabled in EMS server, all attempts to create connections from the anonymous user will fail. In this case, the application needs to have a user configured in the users.conf of EMS server/LDAP/JAAS and its respective password in the createConnection() call. Only then will the connection will be created.
If I a user named “anonymous” with no password is configured in the EMS server, the applications can connect to an authorization-enabled EMS server, even if they do not use a username/password in the createConnection() call.
Environment:
===========
1). All Platforms
2). TIBCO Enterprise Message Service (all versions)
Description:
==========
In the EMS server logs, I see applications using a user “anonymous” connecting to the EMS server, but I cannot find that user in the users.conf or “show users” command from tibemsadmin.
Cause:
= = = =
When a client application uses a createConnection() call to create a connection to the EMS server, the EMS API uses over-loaded functions. The application can either specify a username/password as string in the createConnection() call or it may not choose to do so.
If the application does not choose to use a username/password combo in the createConnection() call and authorization is disabled in the EMS server, the EMS server accepts the connection from an anonymous user. This user ID does not need to be configured in the users.conf of EMS. "Anonymous" means that the client is not using any username/password in the createConnection() call to connect to the EMS server.
If authorization is enabled in EMS server, all attempts to create connections from the anonymous user will fail. In this case, the application needs to have a user configured in the users.conf of EMS server/LDAP/JAAS and its respective password in the createConnection() call. Only then will the connection will be created.
If I a user named “anonymous” with no password is configured in the EMS server, the applications can connect to an authorization-enabled EMS server, even if they do not use a username/password in the createConnection() call.
Environment:
===========
1). All Platforms
2). TIBCO Enterprise Message Service (all versions)
Issue/Introduction
Where is the “anonymous” user configured in the TIBCO Enterprise Message Service (EMS) server?
Feedback
Yes
No
Powered by
