WebSphere WebSphere Application Server Network Deployment, Version 6.1.x Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS

Security considerations for service integration buses

There are a number of considerations that apply to service integration buses. Messaging security ensures that users are authenticated, resources are protected by security checks and messages are secure when they are in transit.

This topic describes the key security considerations for service integration buses. For more general information about security issues, see Learning about service integration security.

When a bus is created with its bus security enabled, the bus:
You can use secure transport connections to ensure confidentiality and integrity of messages in transit between application clients, the bus, and between messaging engines. This is achieved by defining transport chains and then referencing the transport chain name as follows: For more information, see Secure transport considerations.
Note: When a secure bus is created, only SSL protected messaging chains are permitted. For example, you can use the InboundSecureMessaging transport chain.

In the routing definitions for connections to foreign buses, the user ID applied to messages entering or leaving the foreign bus can be replaced by values specified by the Inbound user ID and Outbound user ID properties. For more information, see Adding a foreign bus.

The ability to authenticate access to a foreign bus is provided by the Authentication alias property of the service integration bus link . An authentication alias is defined at both ends of the foreign bus link between two secure buses. The user ID specified on the foreign bus link must be the same at both ends of the foreign bus link for authorization purposes. For example, consider a scenario where two messaging engines are connected by a foreign bus link. Messaging engine A presents the user ID and password to messaging engine B so that messaging engine B can authenticate messaging engine A. For details about creating a foreign bus link, see Adding a service integration bus link.

Related tasks
Planning a bus topology
Planning a multiple-bus topology
Planning a topology that includes WebSphere MQ
Connecting buses

Concept topic

Terms of use | Feedback


Timestamp icon Last updated: 26 February 2009
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.pmc.nd.multiplatform.doc/concepts/cjj0009_.html

Copyright IBM Corporation 2004, 2009. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)