WebSphere Business Integration Message Broker uses a user role definition approach to access control, with the run time requiring the creation of specified access groups to which all users with authority to perform a task needed to be added. The following table outlines the runtime objects that have ACLs, the permissions that principals can be granted, and the rights conferred by each of those permissions. Use the mqsicreateaclgroup command to create or modify the Configuration Manager database table relating to the group or user ACLs that you have defined.
Object | Permission | Rights |
---|---|---|
Topology | Full control |
|
View |
|
|
Broker | Full control |
|
View |
|
|
Execution group | Full control |
|
![]() ![]() |
![]()
![]() |
|
View |
|
|
Root topic | Full control |
|
Deploy |
|
|
Edit |
|
|
View |
|
|
Subscription | Full control |
|
View |
|