Start of change
IBM App Connect Enterprise, Version 11.0.0.2 Operating Systems: Windows, Linux


Authenticating users for administration

Authentication is the process of establishing the identity of a user or system and verifying that the identity is valid. You can control access to the IBM® App Connect Enterprise administration interfaces by using the authentication capabilities that are provided with the product.

Before you begin

About this task

IBM App Connect Enterprise provides authentication support for the following administration interfaces:
  • IBM App Connect Enterprise web user interface.
  • IBM App Connect Enterprise RESTful application programming interface (API).
  • IBM App Connect Enterprise Toolkit
  • IBM App Connect Enterprise commands.

If administration security authentication (basicAuth) is enabled, users of the web user interface and the RESTful API must log in with a user ID and password. If the user account is defined with a local password, the user ID and password are checked against the stored credentials. Users' access to data and resources is controlled by the permissions that are associated with their role. For more information, see Role-based security.

If administration security is not enabled, web users can interact with the IBM App Connect Enterprise web user interface without logging on; they interact with the web UI as the 'default' user and can access all data and resources. For users of the RESTful API, all REST requests are unrestricted if administration security is not enabled.

For the following administration interfaces, authentication is provided only by the system login; no additional authentication is carried out:

For more information about authenticating users for administration, see Managing web user accounts and Accessing the web user interface.

For information about authorizing users based on the role to which they are assigned, see Authorizing users for administration.

You can enable authentication for users of IBM App Connect Enterprise administration interfaces, either by using the mqsichangeauthmode command, or by setting security properties in the appropriate .yaml configuration file for your integration node or server.

Procedure

Enable authentication by completing the steps in one of the following tasks:

Enable authentication by using the mqsichangeauthmode command

About this task

Complete the following steps to enable authentication for users of the IBM App Connect Enterprise administration interfaces, by using the mqsichangeauthmode command:

Procedure

  1. Run the mqsichangeauthmode command on your integration node or server. Specify the -b parameter to enable authentication only, as shown in the following example:
    mqsichangeauthmode -w myIntegrationServerWorkPath -b active

    In this example, authentication is enabled on the independent integration server whose work path is specified by the -w parameter.

    In the following example, authentication is enabled on the integration node ACE11NODE:
    mqsichangeauthmode ACE11NODE -b active
    Alternatively, you can specify the -s parameter, which configures both authentication and authorization. For more information, see mqsichangeauthmode command.
  2. Restart your integration node or integration server for the changes to take effect.

Enable authentication by modifying the node.conf.yaml or server.conf.yaml file

About this task

Complete the following steps to enable authentication for users of the IBM App Connect Enterprise administration interfaces, by modifying properties in the .yaml configuration file for your integration node or integration server:

Procedure

  1. Open the node.conf.yaml or server.conf.yaml configuration file for your integration node or server, by using a YAML editor. If you do not have access to a YAML editor, you can edit the file by using a plain text editor; however, you must ensure that you do not include any tab characters, which are invalid characters in YAML and would cause your configuration to fail. If you are using a plain text editor, ensure that you use a YAML validation tool to validate the content of your file.
  2. In the Admin Security Authentication section of the .yaml configuration file, set the basicAuth property to true:
    basicAuth: true
  3. Save the .yaml configuration file.
  4. Restart your integration node or integration server for the changes to take effect.

bp28461_.htm | Last updated 2018-11-02 14:46:32
End of change