WebSphere Message Broker, Version 8.0.0.7 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS

See information about the latest product version

Web and REST security

Control access to broker resources through the web user interface and REST application programming interface (API).

Web and REST security are enabled for brokers that have administration security enabled. You can enable administration security for a broker either when you create it (by using the -s active property of the mqsicreatebroker command), or by modifying it using the mqsichangebroker command.

If administration security is enabled, web users can access the web UI only when they have logged on using their web user account. Their access to data and broker resources is controlled by the permissions that have been associated with their role (system user ID). If administration security is not enabled, web users can interact with the web UI without logging on; they interact with the web UI as the 'default' user and can access all data and broker resources.

If administration security is enabled, REST users can access only the data and broker resources for which they are authorized. If administration security is not enabled, all REST requests are unrestricted.

The following topics introduce the concepts that you need to understand before you can set up web and REST security, and explain the steps involved in securing access to broker resources through the web and REST interfaces:

Notices | Trademarks | Downloads | Library | Support | Feedback

Copyright IBM Corporation 1999, 2016Copyright IBM Corporation 1999, 2016.

        
        Last updated:
        
        Last updated: 2016-05-23 14:48:24


Concept topicConcept topic | Version 8.0.0.7 | bp28497_