WebSphere WebSphere Application Server Express, Version 6.0.x Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Security considerations for service integration buses

If you are using messaging security, there are a number of considerations that apply to service integration buses.

Note: This topic contains a brief summary of security considerations for service integration buses. For more information about security issues, refer to Learning about security.

You can enable bus security so that access to the bus itself and to all destinations on the bus must be authorized. For bus security to be enabled, WebSphere global security must also be enabled. Refer to Messaging security for more information.

When a bus is created, an initial set of authorization permissions is created. These permissions grant all authenticated users access to the bus and to all local destinations. Refer to Administering authorization permissions for more information about controlling access to bus resources.

When bus security is enabled, you must set the Inter-engine authentication alias property to control the authentication of messaging engines joining the bus and for secure communication between messaging engines. Similarly, the Mediations authentication alias property is used for mediations that access the bus. Refer to Adding a bus for further information.

You can use secure transport connections (SSL or HTTPS) to ensure confidentiality and integrity of messages in transit between application clients and messaging engines and between messaging engines. This is achieved by defining transport chains and then referencing the transport chain name as follows: For more information, see Secure transport considerations.

In the routing definitions for connections to foreign buses, the user ID applied to messages entering or leaving the foreign bus can be replaced by values specified by the Inbound user ID and Outbound user ID properties. For more information, see Adding a foreign bus.

The Authentication alias property of the service integration bus link is used for authentication of access to a foreign bus. For more details, see Adding a service integration bus link.


Concept topic

Terms of Use | Feedback

Last updated: 2 Aug 2005
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.pmc.express.doc\concepts\cjj0009_.html

© Copyright IBM Corporation 2004, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)