Authorization for configuration tasks

Authorization is the process of granting or denying access to a system resource. For WebSphere Business Integration Message Broker, authorization is concerned with controlling who has permission to access WebSphere Business Integration Message Broker resources, and ensuring that users who attempt to work with those resources have the necessary authorization to do so.

Examples of tasks that require authorization are:

Authorization for existing resources

Your system administrator might decide to continue working with the local groups: mqbrasgn, mqbrdevt, mqbrops, and mqbrtpic to secure access to resources from the workbench. If you want to use the security facilities of Version 5.0, when you require access to a resource that already exists, the user ID with which you work must be included in the Access Control List (ACL) for that resource.

For authorization to create resources, for example brokers, you must be a member of the administrator local group.

The security architecture of WebSphere Business Integration Message Broker is platform independent. If you are running in a heterogeneous environment, ensure that you limit all the principals you define for WebSphere Business Integration Message Broker tasks to eight characters or fewer. If you have a Windows-only environment, you can create principals of up to twelve characters, but only use these longer names if you are sure that you will not later include a UNIX or z/OS system in your WebSphere Business Integration Message Broker network.

Related concepts
Security for runtime resources

Related tasks
Setting up broker domain security
Enabling topic-based security

Related reference
Security requirements for administrative tasks