Use the integral-jms-authorisations.xml file to view or change the authorization settings for JMS resources owned by the embedded WebSphere JMS provider.
Authorization to access JMS resources owned by the embedded WebSphere JMS provider is controlled by the following settings in the wempspath/wempsname/config/integral-jms-authorizations.xml file.
This structure of the settings in integral-jms-authorisations.xml is shown in the following example. Descriptions of these settings are provided after the example. To configure authorization settings, follow the instructions provided in Configuring authorization security for the embedded WebSphere JMS provider
<integral-jms-authorizations> <dynamic-update>true</dynamic-update> <queue-admin-userids> <userid>adminid1</userid> <userid>adminid2</userid> </queue-admin-userids> <queue-default-permissions> <permission>write</permission> </queue-default-permissions> <queue> <name>q1</name> <public> </public> <authorize> <userid>useridr</userid> <permission>read</permission> </authorize> <authorize> <userid>useridw</userid> <permission>write</permission> </authorize> </queue> <queue> <name>q2</name> <public> <permission>write</permission> </public> <authorize> <userid>useridr</userid> <permission>read</permission> </authorize> </queue> <topic> <name></name> <public> <permission>+pub</permission> </public> </topic> <topic> <name>a/b/c</name> <public> <permission>+sub</permission> </public> <authorize> <userid>useridpub</userid> <permission>+pub</permission> </authorize> </topic> </integral-jms-authorizations>
Controls whether or not the JMS Server checks dynamically for updates to this file.
This element lists those userids with administrative access to all WebSphere queue destinations. Administrative access is needed to create queues and perform other administrative activities on queues. You define each userid within a separate userid sub element:
This element defines the default queue access permissions that are assumed if no permissions are specified for a specific queue name. These permissions are used for queues for which you do not define specific permissions (in queue elements). If this element is not specified, then no access permissions exist unless explicitly authorized for individual queues.
You define the default permission within a separate permission sub element:
This element contains the following authorization settings for a single queue destination:
You define each default permission within a separate permission element.
You define each permission within a separate permission element. Each permission element can contain the keyword read or write to define the access permission.
For example, consider the following queue element:
<queue> <name>q1</name> <public> </public> <authorize> <userid>useridr</userid> <permission>read</permission> </authorize> <authorize> <userid>useridw</userid> <permission>write</permission> </authorize> <authorize> <userid>useridrw</userid> <permission>read</permission> <permission>write</permission> </authorize> </queue>
This element contains the following authorization settings for a single topic destination:
Each topic element has the following sub elements:
You define each default permission within a separate permission element.
You define each permission within a separate permission element. Each permission element can contain one of the following keywords to define the access permission: